Biztonsági szemle

Exposed login panels for VPNs and remote access systems leave companies open to attack, sometimes tripling the risk of ransomware and making it harder to get cyber insurance.

Both vulnerabilities originate from the differences in XML parsing between REXML and Nokogiri.

Attackers behind the OBSCURE#BAT use fake CAPTCHAs in typosquatted domains and spoofed software.

Keyfactor research finds that about 18% of RSA-based digital certificates have flaws ranging from trivial to very serious. A new tool promises to find them.

The “SuperBlack” ransomware leverages the LockBit 3.0 builder with a custom encryption tool.

A novel twist on social engineering attacks is causing havoc for hospitality providers

Researchers discovered an attack chain that uses several layers of obfuscated batch files and PowerShell scripts to deliver an advanced and persistent rootkit.

Medusa developers have been targeting a wide variety of critical infrastructure sectors, from healthcare and technology to manufacturing and insurance, racking up its victim count as it seemingly adds to its numbers of affiliates.

Tenable researchers jailbreak DeepSeek to build a keylogger and ransomware.

Consumer Reports, Secure Resilient Future Foundation (SRFF), and US Public Interest Research Group (PIRG) have introduced a model bill to increase transparency around when Internet of Things devices no longer have manufacturer support.

When top management thinks of cybersecurity as a differentiator, the company’s in a stronger position to stay competitive.