Biztonsági szemle

Zero Trust World 2025 will highlight the importance of “default-deny” strategies, practical cybersecurity applications, and fostering a collaborative IT security community through hands-on labs, case studies, and expert insights.

In just two years, LLMs have become standard for developers — and non-developers — to generate code, but companies still need to improve security processes to reduce software vulnerabilities.

The compromise commences with the delivery of a CLDAP referral response packet to disrupt the Local Security Authority Subsystem Service before the subsequent sending of a DCE/RPC request to the targeted machine and the eventual designation of the...

Wallet drainer attack activity was particularly elevated during the first three months of 2024, with the loss of $55.4 million worth of cryptocurrency in the year's biggest heist bringing stolen proceeds to $187 million, according to a study from...

Such a flaw stems from Nuclei's template signature verification process, with the simultaneous usage of regular expressions, or regex, and YAML parser potentially resulting in the introduction of a "\r" character read as a line break and leading to...

Misconfigurations in MyGiftCardSupply's Microsoft Azure Cloud instance leaked nearly 200,000 customers' selfie pictures and more than 600,000 identity document images, the most recent of which was from New Year's Eve, according to security researcher...

Infiltration of the hospital's network earlier that month resulted in the compromise of files, one of which had individuals' names, birthdates, Social Security numbers, state ID or driver's license numbers, biometric details, financial account data...

"Atos understands that external third-party infrastructure, unconnected to Atos, has been compromised by the group Space Bears. This infrastructure contained data mentioning the Atos company name, but is not managed nor secured by Atos," said the...

Malicious emails using code of conduct-related lures deceive targets into opening an image file-spoofing RAR archive that deploys a Windows executable that runs PLAYFULGHOST.

As AI, machine identities, and identity-based attacks surge, cybersecurity experts reveal strategies to protect sensitive data and maintain digital trust.

Megjelent a SANS és a Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet közös kiadványának 2025. januári száma, melyben azzal foglalkozunk, hogyan védhetjük meg az okosotthon eszközeit a kiberbűnözőktől.

The “Bad Likert Judge” method asks the LLM to evaluate a prompt’s harmfulness, then provide a harmful example.