Security Bulletin

As LLMs broaden access to hacking and diversify attack strategies, understanding the thought processes behind these innovations will be vital for bolstering IT defenses.

The U.S. has continued its crackdown against North Korean IT worker scams with sanctions against the country's government weapons trading office Department 53 and its Laos-based front companies Korea Osong Shipping and Chonsurim Trading Corporation...

Included in the data exposed by the server were personally identifiable information, job application forms, Security Industry Authority cards, payroll details, TrustID validated documents, and invoices from up to two decades ago, according to...

Infiltration of Wolf Haldenstein's systems facilitated the compromise of individuals' full names, Social Security numbers, employee identification numbers, medical diagnoses, and medical claim details, none of which has been misused so far, said the...

While major German manufacturer Covestro confirmed having its U.S. logistics server's data impacted by the Clop hack, leading U.S. car rental firm Hertz, Western Alliance Bank, and Arrow Electronics disclosed the lack of any evidence suggesting that...

All FBI devices leveraging the agency's AT&T public safety service were noted by a document and officials close to the matter to have been impacted by the incident, which was previously reported to have compromised nearly 109 million customers' call...

Included in the exposed firewall data are IP addresses, passwords, and configuration files, said Belsen Group in its post on the hacking forum.

Both campaigns involved the distribution of malicious emails purporting to be invoices, purchase orders, or quotation requests with attachments, which when opened triggers a PowerShell script fetching the trojanized image and executing a .NET-based...

Malicious emails under the guise of a U.S. government official sought to lure individuals part of the government and diplomacy sectors into joining a WhatsApp group on non-governmental initiatives for Ukraine NGOs through a shortened link that...

Aside from subjecting government IT contractors to minimum cybersecurity standards, Biden's EO also broadens sanctions against foreign cyber adversaries, mandates new cryptographic standards for federal agencies, orders the development of artificial...

In partnership with the Federal Bureau of Investigation (FBI), CISA released an update to joint guidance Product Security Bad Practices in furtherance of CISA’s Secure by Design initiative. This updated guidance incorporates public comments CISA...

A 2025. 3. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2025.01.10. és 2025.01.16. között kezelt incidensek statisztikai adatait is tartalmazza.