Security Bulletin
13 Jan 2025
Biztonsági szemle
ISC Stormcast For Tuesday, January 14th, 2025 https://isc.sans.edu/podcastdetail/9278, (Mon, Jan 13th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
13 Jan 2025
Biztonsági szemle
Malicious WordPress database entry, widget steals credit card info
The fileless script injection is difficult to detect using traditional scanning methods.
13 Jan 2025
Biztonsági szemle
Celebrity investors, creator metrics, and Chrome extension compromise - ESW #389
13 Jan 2025
Biztonsági szemle
CISA Releases the Cybersecurity Performance Goals Adoption Report
13 Jan 2025
Biztonsági szemle
Grupo Bimbo Ventures Announces Investment in NanoLock Security
13 Jan 2025
Biztonsági szemle
Pastor indicted for Christian-themed cryptocurrency pyramid scam
Francier Obando Pinillo faces 26 counts of fraud for running a scam on his Pasco, Washington, congregation.
13 Jan 2025
Biztonsági szemle
Microsoft Cracks Down on Malicious Copilot AI Use
According to the tech giant, it has observed a threat group seeking out vulnerable customer accounts using generative AI, then creating tools to abuse these services.
13 Jan 2025
Biztonsági szemle
Critical 10.0 Aviatrix Controller flaw exploited in the wild
Aviatrix Controllers are prime targets because they have high-level privileges in cloud environments.
13 Jan 2025
Biztonsági szemle
Cloud Attackers Exploit Max-Critical Aviatrix RCE Flaw
The security vulnerability tracked as CVE-2024-50603, which rates 10 out of 10 on the CVSS scale, enables unauthenticated remote code execution on affected systems, which cyberattackers are using to plant malware.
13 Jan 2025
Biztonsági szemle
Hikvision Password Reset Brute Forcing, (Mon, Jan 13th)
One common pattern in password resets is sending a one-time password to the user to enable them to reset their password. The flow usually looks like: