Biztonsági szemle

The campaign heavily uses Dropbox folders and PowerShell scripts to evade detection and quickly scrapped infrastructure components after researchers began poking around.

Acquisition strengthens Deepwatch Platform capabilities with actionable insights and risk-based prioritization.

Security consultancy Quarkslab said that the flaw could allow threat actors to bypass USB lockouts.

Attackers are using patched bugs to potentially gain unfettered access to an organization's Windows environment under certain conditions.

Winnti once used a variety of malware but is now focused on SQL vulnerabilities and obfuscation, updated encryption, and new evasion methods to gain access.

If the VerifyHostKeyDNS option is activated, an attacker could impersonate a server to hijack SSH sessions.

Attackers stole data from U.S. military and Lockheed Martin, Boeing and Honeywell employees for as little as $10 per computer.

Microsoft is warning the modular and potentially wormable Apple-focused infostealer boasts new capabilities for obfuscation, persistence, and infection, and could lead to a supply chain attack.

Chase Bank customers sending Zelle payments may be sought to provide details, including payment purpose and means of contact with recipients, said the bank in an updated user policy.