Biztonsági szemle

Such a flaw stems from Nuclei's template signature verification process, with the simultaneous usage of regular expressions, or regex, and YAML parser potentially resulting in the introduction of a "\r" character read as a line break and leading to...

Misconfigurations in MyGiftCardSupply's Microsoft Azure Cloud instance leaked nearly 200,000 customers' selfie pictures and more than 600,000 identity document images, the most recent of which was from New Year's Eve, according to security researcher...

Infiltration of the hospital's network earlier that month resulted in the compromise of files, one of which had individuals' names, birthdates, Social Security numbers, state ID or driver's license numbers, biometric details, financial account data...

"Atos understands that external third-party infrastructure, unconnected to Atos, has been compromised by the group Space Bears. This infrastructure contained data mentioning the Atos company name, but is not managed nor secured by Atos," said the...

Malicious emails using code of conduct-related lures deceive targets into opening an image file-spoofing RAR archive that deploys a Windows executable that runs PLAYFULGHOST.

As AI, machine identities, and identity-based attacks surge, cybersecurity experts reveal strategies to protect sensitive data and maintain digital trust.

Megjelent a SANS és a Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet közös kiadványának 2025. januári száma, melyben azzal foglalkozunk, hogyan védhetjük meg az okosotthon eszközeit a kiberbűnözőktől.

The “Bad Likert Judge” method asks the LLM to evaluate a prompt’s harmfulness, then provide a harmful example.

The Federated Identity Credentials system is designed to minimize the number of times a user will have to hand over their secure credential information.

Weeks after the critical vulnerability was reported and a hacking of the Treasury Department, nearly 9,000 BeyondTrust instances remain wide open to the Internet, researchers say.

Healthcare organizations of all shapes and sizes will be held to a stricter standard of cybersecurity starting in 2025 with new proposed rules, but not all have the budget for it.

Integrity Technology Group was found complicit with Flax Typhoon as part of a broader Chinese strategy to infiltrate the IT systems of US critical infrastructure.