Security Bulletin
18 Nov 2024
Biztonsági szemle
Millions of WordPress sites potentially hijackable due to critical plugin bug
Malicious actors could leverage the vulnerability, which stems from improper user check error management in the two-factor REST API action, to facilitate high-privileged account breaches that could then be used for additional attacks, according to...
18 Nov 2024
Biztonsági szemle
WhatsApp zero-day exploited by NSO Group post lawsuit
While WhatsApp proceeded to disable the "Eden" exploit leveraged by NSO Group, the Israeli firm proceeded to create the "Erised" vector to target the app's users until May 2020, noted a court filing from Meta, which also noted that NSO Group, and not...
18 Nov 2024
Biztonsági szemle
Israel subjected to Iranian attacks with new WezRat infostealer
Malicious emails spoofing Israel's National Cyber Directorate have been leveraged by Cotton Sandstorm to lure targeted entities into downloading a Google Chrome security update, which facilitates the delivery of WezRAT that enables file downloading...
18 Nov 2024
Biztonsági szemle
Novel PXA Stealer leveraged by Vietnamese hackers
Attackers delivered phishing emails with a ZIP file attachment with an executable Rust-based loader, which prompts Windows batch scripts that not only open lure documents but also facilitate the deactivation of antivirus software prior to the...
18 Nov 2024
Biztonsági szemle
Architecting sustainability in storage area networks
Organizations can benefit from designing storage area networks (SANs) that are not only secure, but also with less impact on the planet.
18 Nov 2024
Biztonsági szemle
APT41 expands cyberespionage to target Windows
DeepData, which has a layout identical to LightSpy and features a dozen infostealing-focused plugins, enables not only the exfiltration of data from browsers, password managers, and social networking apps, but also the recording of audio from its...
18 Nov 2024
Biztonsági szemle
AnnieMac Home Mortgage breach impacts 171K
Infiltration of AnnieMac's systems between Aug. 21 and 23 resulted in the potential copying of individuals' names and Social Security numbers, said the New Jersey-based mortgage lender in breach notification letters, which noted the lack of evidence...
18 Nov 2024
Biztonsági szemle
DHS Releases Secure AI Framework for Critical Infrastructure
The voluntary recommendations from the Department of Homeland Security cover how artificial intelligence should be used in the power grid, water system, air travel network, healthcare, and other pieces of critical infrastructure.
18 Nov 2024
Biztonsági szemle
Business Leader’s Guide for a Successful Microsegmentation Project
One of the most effective strategies for protecting your digital assets is microsegmentation. The success lies in how it's implemented and the planning.
18 Nov 2024
Biztonsági szemle
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-1212 Progress Kemp LoadMaster OS Command Injection Vulnerability CVE-2024-0012 Palo Alto Networks PAN-OS...
18 Nov 2024
Biztonsági szemle
Exploit attempts for unpatched Citrix vulnerability, (Mon, Nov 18th)
Last week, Watchtowr Labs released details describing a new and so far unpatched vulnerability in Citrix's remote access solution [1]. Specifically, the vulnerability affects the "Virtual Apps and Desktops." This solution allows "secure"...
Pagination
- Previous page ‹‹
- Page 13
- Next page ››