Biztonsági szemle

Windows 11 machines remain open to downgrade attacks, where attackers can abuse the Windows Update process to revive a patched driver signature enforcement (DSE) bypass.

The nation leads in the number of capture-the-flag tournaments sponsored by government and industry — a strategy from which Western nations could learn.

Five of the most prominent intelligence agencies in the world are teaming up to help small businesses become more secure

Delta argues that it lost hundreds of million of dollars in downtime and other costs in the aftermath of the incident, while CrowdStrike says it isn't liable for more than $10 million.

SafeBreach argues that Microsoft’s narrow definition of a flaw leaves the Windows kernel open to attacks.

Posing as an application used to locate Ukrainian military recruiters, a Kremlin-backed hacking initiative delivers malware, along with disinformation designed to undermine sign-ups for soldiers in the war against Russia.

LLMs tend to miss the forest for the trees, understanding specific instructions but not their broader context. Bad actors can take advantage of this myopia to get them to do malicious things, with a new prompt-injection technique.

At the Audit + Beyond Conference, professionals from audit, compliance, and IT security gathered to emphasize that AI is transforming risk management.

Such features, which have been implemented across all versions of Cisco ASA and FTD this month, ensure protection against continuous failed remote access VPN service authentication attempts.

Aside from implementing tougher quality assurance processes and improving vulnerability detection, software makers should also conduct phased rollouts and establish mechanisms for continuous feedback.

Investigation into the attack, which prompted the activation of backup systems to ensure the continued operations of northern and central Mexico airports..