Biztonsági szemle

Aside from collecting and evaluating user risk signals from account creation to post-login activities, Akamai Account Protector has been improved to enable risk management tailored to the risk tolerance and needs of its users.

Such an acquisition would facilitate the integration of Normalyze's DSPM technology into Proofpoint's cybersecurity platform, which would bolster sensitive data discovery and classification, risk evaluations and prioritization, and security and...

Using a malicious Chrome extension, researchers showed how an attacker could use a now-fixed bug to inject custom code into a victim's Opera browser to exploit special and powerful APIs, used by developers and typically saved for only the most...

ACROS Security has released free unofficial fixes for a zero-day flaw in Windows Themes, which could be leveraged to facilitate the remote compromise of NTLM credentials on devices running on Windows 7 to Windows 11 24H2.

Aside from enabling surveillance that curtails individuals' privacy rights, the UN cybercrime treaty — which has already been approved by the body's Ad Hoc Committee on Cybercrime — also requires the gathering and sharing of private internet user...

Increasingly prevalent state-sponsored intrusions have been partly fueled by escalating activities from both countries' non-state attackers, with Russia commonly tapping hacktivist groups and China partnering with universities and businesses in its...

Milan-based private investigations firm Equalize led by former top cop Carmine Gallo was reportedly behind the years-long hacking campaign, which was facilitated by bribes to police officers, remote access trojan compromise, and the breach of the...

The discoveries included three critical security vulnerabilities and 18 high-severity flaws.

Now a zero-day, the vulnerability enables NTLM hash theft, an issue that Microsoft has already fixed twice before.

At least two people responsible for operating the malware network that infected an estimated 1,200 servers.

A professional-grade tool set, appropriately dubbed "CloudScout," is infiltrating cloud apps like Microsoft Outlook and Google Drive, targeting sensitive info for exfiltration.

In the latest attack against ISPs, second-largest French provider Free fell victim to unknown cyberattackers who attempted to sell the compromised data it stole from the company on an underground cybercrime forum.