Security Bulletin
9 Jan 2025
Biztonsági szemle
New AI Challenges Will Test CISOs & Their Teams in 2025
CISOs need to recognize the new threats AI can present — while also embracing AI-powered solutions to stay ahead of those threats.
9 Jan 2025
Biztonsági szemle
Active exploitation of Ivanti Connect Secure zero-day ongoing
While the security flaw — which could be abused to facilitate arbitrary code execution — also impacts Ivanti Policy Secure versions older than 22.7R1.2 and Ivanti Neurons for ZTA Gateways older than 22.7R2.3, such devices have not been subjected to...
9 Jan 2025
Biztonsági szemle
Unsecured Amazon S3 bucket exposes WebWork data
More files are being continuously added to the bucket, which has remained unprotected since its discovery in June, according to Cybernews researchers who disputed the purportedly end-to-end encrypted nature of the stored logs.
9 Jan 2025
Biztonsági szemle
Over 360K impacted by Medusind breach
Information compromised in the breach included not only names, birthdates, email addresses, and phone numbers, but also Social Security numbers, driver's licenses, taxpayer IDs, payment details, and health and health insurance and billing data...
9 Jan 2025
Biztonsági szemle
Database compromise confirmed by UN civil aviation agency
Unauthorized access to the database prompted the exfiltration of recruitment-related information from April 2016 to July 2024, including applicants' names, birthdates, email addresses, and employment history, but not their financial details...
9 Jan 2025
Biztonsági szemle
Gravy Analytics purportedly hacked
Additional details regarding the incident, which was initially reported by independent tech news outlet 404media, remain uncertain but cybersecurity researchers John Hammond of Huntress and Marley Smith of RedSense have confirmed the veracity of the...
9 Jan 2025
Biztonsági szemle
North American K-12 districts impacted by PowerSchool breach
Infiltration of PowerSchool's PowerSource customer support portal via stolen credentials enabled threat actors to access a maintenance access tool enabling entry to SIS instances and the eventual exfiltration of data such as names and addresses, as...
9 Jan 2025
Biztonsági szemle
Powering Resilient Communities
In 2024, opportunity, disruption, and innovation intersected and accelerated at a previously unimagined pace. As a global community, we began to embrace AI to elevate work, government, economies, and… Read more on Cisco Blogs
9 Jan 2025
Biztonsági szemle
Digital identity verification will have a breakout year in 2025
Here are five trends that will lead to the increased adoption of digital identity verification this year.
9 Jan 2025
Biztonsági szemle
India Readies Overhauled National Data Privacy Rules
The country awaits implementation guidelines for a framework that gives Indians greater autonomy and security over their personal data — and recognizes a right to personal privacy.
9 Jan 2025
Biztonsági szemle
Examining Redtail Analyzing a Sophisticated Cryptomining Malware and its Advanced Tactics [Guest Diary], (Thu, Jan 9th)
[This is a Guest Diary by Cody Hales, an ISC intern as part of the SANS.edu BACS program]
9 Jan 2025
Biztonsági szemle
ISC Stormcast For Thursday, January 9th, 2025 https://isc.sans.edu/podcastdetail/9272, (Thu, Jan 9th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.