Biztonsági szemle

Cyber events have been categorized on a 1 to 5 scale, with attacks impacting at least 136,000 organizations in the UK and leading to financial losses of at least £5 billion meriting a category-five classification, according to CMC.

Attackers are smuggling payment card-skimming malicious code into checkout pages on Magento-based e-commerce sites by abusing the Google Tag Manager ad tool.

Trump "does not have the power to give away our private information to anyone he chooses, and he cannot cut federal payments approved by Congress," said the coalition of 14 states attorneys, which includes attorneys general from California, New York...

Attackers who breached HSHS' systems from Aug. 16 to Aug. 27, 2023, were able to exfiltrate varying types of data from individuals, including a combination of names, birthdates, addresses, Social Security numbers, driver's license numbers, medical...

Infiltration of internal HPE email boxes within the Office 365 environment through a compromised account in May 2023 enabled Midnight Blizzard hackers to access mailbox data from its workers in the cybersecurity, business, and go-to-market teams...

Both malicious packages resembling proof-of-concept models were not identified by Hugging Face's Picklescan security tool due to differences in compression format with PyTorch, as well as a security issue that prevented the proper scanning of Pickle...

For too long, we've treated our analysts as mere cogs in a machine, expecting them to conform to the limitations of our tools and processes. It's time to revolutionize security operations.

Ransomware operators are pitching victims to infect additional machines on their company network.

Immediately patching is recommended due to the risk of RCE on Microsoft IIS web servers in critical infrastructure sectors.

The secret use of other people's generative AI platforms, wherein hijackers gain unauthorized access to an LLM while someone else foots the bill, is getting quicker and stealthier by the month.

Five years after a Russian APT infiltrated a software update to gain access to thousands of SolarWinds customers, the board has voted unanimously to sell at a top valuation and plans for uninterrupted operations.