Security Bulletin
3 Apr 2024
Biztonsági szemle
Novel anti-cookie theft feature in Chrome detailed
BleepingComputer reports that Google has been working on curbing browser cookie theft with the new Device Bound Session Credentials functionality in Chrome as it prepares to remove third-party cookies from the browser.
3 Apr 2024
Biztonsági szemle
Online xz utility backdoor scanning tool issued
Binarly has issued a free online tool that would facilitate scanning a newly discovered backdoor and maximum severity vulnerability in xz tools and libraries used by major Linux distributions, tracked as CVE-2024-3094, across Linux binaries amid...
3 Apr 2024
Biztonsági szemle
Arbitrary script injections possible with WP-Members plugin flaw
More than 60,000 WordPress sites with the WP-Members Membership Plugin could be compromised with arbitrary script injections due to a high-severity cross-site scripting vulnerability, tracked as CVE-2024-1852, reports SecurityWeek.
3 Apr 2024
Biztonsági szemle
Unified open source standards for EU Cyber Resilience Act compliance mulled
More stringent security controls under the European Union's Cyber Resilience Act have resulted in a new partnership between the Apache Software Foundation, OpenSSL Software Foundation, Eclipse Foundation, and four other open source foundations to...
3 Apr 2024
Biztonsági szemle
US, UK forge AI safety collaboration
ZDNET reports that the accelerated artificial intelligence growth has prompted the U.S. and the UK to join hands in bolstering AI safety and testing.
3 Apr 2024
Biztonsági szemle
Ibis Budget room codes exposed by vulnerability
Ibis Budget hotels across Europe had keypad codes that could be leveraged for room entry exposed due to a security flaw impacting its self check-in kiosks, SecurityWeek reports.
3 Apr 2024
Biztonsági szemle
Attack against UK city council admitted by INC Ransom
Ongoing compromise of the UK's Leicester City Council that began in early March has been claimed by the INC Ransom extortion operation, which admitted in a post on its leak site to have stolen 3 TB of data from the city council before immediately...
3 Apr 2024
Biztonsági szemle
Unlocking the Future of Government Cybersecurity: Insights from CyberScoop’s Zero Trust Summit
Discover the future of zero trust in government cybersecurity, where enhanced visibility meets AI-driven analytics for a powerhouse of protection and performance. Hear expert insights in our CyberScoop interview.
3 Apr 2024
Biztonsági szemle
Why the FCC’s cybersecurity labeling program benefits IoT systems
A voluntary labeling program offers dividends at home and abroad and will secure the IoT ecosystem across important verticals such as energy, healthcare, and manufacturing.
3 Apr 2024
Biztonsági szemle
ISC Stormcast For Wednesday, April 3rd, 2024 https://isc.sans.edu/podcastdetail/8922, (Wed, Apr 3rd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
3 Apr 2024
Biztonsági szemle
ChatGPT jailbreak prompts proliferate on hacker forums
Tactics include “tricking” the AI into believing it is in “development mode” or roleplaying.
2 Apr 2024
Biztonsági szemle
Prudential Financial: February incident exposed data of nearly 37K customers
Following SEC filing, insurer says ransomware group stole personal data in February cyberattack.