Biztonsági szemle

Most severe of the vulnerabilities is the undocumented features inclusion issue, tracked as CVE-2024-52564, which could be exploited to facilitate remote firewall deactivation, device setting manipulation, and arbitrary OS command execution...

After compromising the Romanian Permanent Electoral Authority's IT infrastructure on Nov. 19, threat actors went on to expose the account credentials for several of the country's election sites while deploying persistent intrusions that sought to...

Earth Minotaur leverages instant messaging apps to send messages with malicious links purporting to be Tibetan or Uyghur music and dance-related videos, which redirected to dozens of MOONSHINE exploit kit servers that would enable the download of a...

Aside from luring children into providing sexually explicit photos of themselves, such methods have also been used to force youths into harming family members and animals, as well as committing suicide, an intelligence report from the Joint Regional...

Introduction In February 2024, we released an update to Exchange Server which contained a security improvement referenced by CVE-2024-21410 that enabled Extended Protection for Authentication (EPA) by default for new and existing installs of Exchange...

In this SC Media InFocus, Security Weekly News' Adrian Sanabria discusses improving cyber defenses against ransomware with Semperis' Mickey Bresman.

Four flaws in open-source machine learning tools could lead to code execution or path traversal.

An FBI operation nabbed a member of the infamous cybercrime group, who is spilling the tea on 'key Scattered Spider members' and their tactics.

The activity-recording capability has drawn concerns from the security community and privacy experts, but the tech giant is being measured in its gradual rollout, which is still in preview mode.

There’s bipartisan support for a tougher stance on China’s attacks on U.S. telecoms, including issuing stiff fines.

New infections of NSO Group's Pegasus spyware have been discovered by mobile threat hunting firm iVerify across seven of 2,500 scanned iPhones, one of which belonged to an unnamed major business leader, who was in disbelief when informed about the...

Malicious apps spoofing the Google Chrome, Google Play Store, and Android Security apps have been leveraged to lure targets into downloading DroidBot Android banking trojan, which not only enables keystroke logging and fake login page overlaying but...