Security Bulletin
29 Apr 2024
Biztonsági szemle
How to Red Team GenAI: Challenges, Best Practices, and Learnings
Red teaming is a crucial part of proactive GenAI security that helps map and measure AI risks.
29 Apr 2024
Biztonsági szemle
Web traffic of fake USPS sites similar to legitimate site
BleepingComputer reports that fraudulent United States Postal Service websites used in phishing campaigns recorded similar traffic as the legitimate domain on regular days, while surpassing the traffic of the postal service's real domain during the...
29 Apr 2024
Biztonsági szemle
New DHS AI safety, security board introduced
Growing security and privacy concerns surrounding artificial intelligence have prompted the Department of Homeland Security to unveil its new AI Safety and Security Board, which includes Alphabet CEO Sundar Pichai, OpenAI CEO Sam Altman, Advanced...
29 Apr 2024
Biztonsági szemle
D-Link NAS Device Backdoor Abused, (Mon, Apr 29th)
End of March, NetworkSecurityFish disclosed a vulnerability in various D-Link NAS devices [1]. The vulnerability allows access to the device using the user "messagebus" without credentials. The sample URL used by the PoC was:
29 Apr 2024
Biztonsági szemle
Misconfiguration exposes Empire Distribution data
U.S. independent record label Empire Distribution, which has worked with Kendrick Lamar, Snoop Dogg, and 50 Cent, had its sensitive data exposed as a result of an environment file misconfiguration, Cybernews reports.
29 Apr 2024
Biztonsági szemle
California state welfare platform hack impacts over 19K accounts
Officials at the California Statewide Automated Welfare System disclosed that over 19,000 accounts in the state's BenefitsCal welfare program portal were compromised for almost a year, reports The Record, a news site by cybersecurity firm Recorded...
29 Apr 2024
Biztonsági szemle
Malware deployed via job interview-spoofing NPM packages
Attacks deploying a malicious Python backdoor via fraudulent NPM packages spoofing as job interviews have been targeted at software developers by suspected North Korea-linked threat actors as part of the ongoing DEV#POPPER social engineering campaign...
29 Apr 2024
Biztonsági szemle
Belarus security agency allegedly subjected to hacktivist attack
Belarus had its primary KGB security agency's network claimed to have been compromised by the Belarusian Cyber-Partisans hacktivist operation, resulting in the theft of data belonging to more than 8,600 KGB employees, The Associated Press reports.
29 Apr 2024
Biztonsági szemle
Old Microsoft Office bug leveraged to compromise Ukraine
Ukraine had its systems subjected to attacks involving the exploitation of an almost seven-year-old Microsoft Office remote code execution vulnerability, tracked as CVE-2017-8570, to facilitate Cobalt Strike deployment late last year, reports The...
29 Apr 2024
Biztonsági szemle
Comply-to-Connect and Cisco ISE: Revolutionizing the Department of Defense
Comply-to-Connect and Cisco ISE are better together! Discover how they're revolutionizing the Department of Defense.
29 Apr 2024
Biztonsági szemle
Ten years of Heartbleed: Lessons learned
A look back at the Heartbleed bug and measuring its’ legacy, impact and how some view one of cybersecurity’s biggest headaches as an important learning moment.
29 Apr 2024
Biztonsági szemle
What to know about each stage of the CISO maturation cycle
Here’s a blueprint on the skills and types of people needed for the CISO role as the company evolves.
Pagination
- Previous page ‹‹
- Page 190
- Next page ››