Biztonsági szemle
2024. december 19.
Biztonsági szemle
RansomHub emerges as dominant ransomware group as 2024 ends
Employing tactics such as living-off-the-land techniques and targeting both Linux and Windows systems, the group is suspected to include former affiliates of LockBit and BlackCat.
2024. december 19.
Biztonsági szemle
Rise in hands-on-keyboard cyberattacks highlights detection challenges
Adam Meyers, senior vice president of counter-adversary operations at CrowdStrike says manual attacks, which involve direct interaction with compromised systems rather than relying on malware or automated tools, are gaining traction among...
2024. december 19.
Biztonsági szemle
Apple patches TCC bypass vulnerability
The vulnerability, tracked as CVE-2024-44131, was discovered in the FileProvider component and has been fixed in iOS 18, iPadOS 18, and macOS Sequoia 15 through improved validation of symbolic links.
2024. december 19.
Biztonsági szemle
Orgs Scramble to Fix Actively Exploited Bug in Apache Struts 2
A newly discovered vulnerability, CVE-2024-53677, in the aging Apache framework is going to cause major headaches for IT teams, since patching isn't enough to fix it.
2024. december 19.
Biztonsági szemle
Bridging the 'Keyboard-to-Chair' Gap With Identity Verification
Modern identity verification (IDV) approaches aim to connect digital credentials and real-world identity without sacrificing usability.
2024. december 19.
Biztonsági szemle
Vendors Chase Potential of Non-Human Identity Management
Non-human identities authenticate machine-to-machine communication. The big challenge now is to secure their elements and processes — before attackers can intercept.
2024. december 19.
Biztonsági szemle
Malvertisers Fool Google With AI-Generated Decoy Content
Seemingly innocent "white pages," including an elaborate Star Wars-themed site, are bypassing Google's malvertising filters, showing up high in search results to lure users to second-stage phishing sites.
2024. december 19.
Biztonsági szemle
CISA Releases Draft of National Cyber Incident Response Plan
The draft of the long-awaited update to the NCIRP outlines the efforts, mechanisms, involved parties, and decisions the US government will use in response to a large-scale cyber incident.
2024. december 19.
Biztonsági szemle
Supply Chain Risk Mitigation Must Be a Priority in 2025
A balance of rigorous supplier validation, purposeful data exposure, and meticulous preparation is key to managing and mitigating risk.
2024. december 19.
Biztonsági szemle
How weaponized AI drives CISO burnout – and what to do about it
Existing tools bury analysts in data – we need a proactive approach focused on prevention, not just detection.
2024. december 19.
Biztonsági szemle
India Sees Surge in API Attacks, Especially in Banking, Utilities
The number of DDoS-related incidents targeting APIs have jumped by 30x compared with traditional Web assets, suggesting that attackers see the growing API landscape as the more attractive target.
2024. december 19.
Biztonsági szemle
Hacker sentenced to 69 months for stealing payment card info
A 32-year-old was sentenced on criminal hacking charges related to a data-stealing malware operation.