Biztonsági szemle
2024. Okt. 21.
Biztonsági szemle
Why I'm Excited About the Future of Application Security
The future of application security is no longer about reacting to the inevitable — it's about anticipating and preventing attacks before they can cause damage.
2024. Okt. 21.
Biztonsági szemle
F5 fixes pair of product vulnerabilities
Attackers with at least "manager" privileges could leverage the BIG-IP vulnerability, tracked as CVE-2024-45844, to facilitate privilege escalation and systems compromise.
2024. Okt. 21.
Biztonsági szemle
ICS/OT cyber incident detection accelerates but response gaps remain
Only 12% of critical infrastructure professionals disclosed ransomware attacks against their organizations during the past 12 months, with half of the intrusions affecting either the OT network alone or both IT and OT networks.
2024. Okt. 21.
Biztonsági szemle
Ransomware-related breach disclosed by Nidec Corporation
Attackers leveraged a Nidec Precision employee's valid VPN account credentials to infiltrate the firm's server, enabling the exfiltration of more than 50,000 files, all of which remain unencrypted, including internal files, green procurement-related...
2024. Okt. 21.
Biztonsági szemle
Over $50M stolen in Radiant Capital crypto heist
Advanced malware injection attacks have been conducted by threat actors against at least three reputable Radiant Capital contributors' devices, which were later leveraged to validate malicious transactions.
2024. Okt. 21.
Biztonsági szemle
Cisco DevHub portal taken down amid data leak
"At this stage in our investigation, we have determined that a small number of files that were not authorized for public download may have been published," said Cisco, which emphasized that none of its systems have been compromised and that users'...
2024. Okt. 21.
Biztonsági szemle
Roundcube credentials targeted via patched XSS vulnerability
Attackers targeted a government organization in a country part of the Commonwealth of Independent States with an email containing a concealed attached document and distinct tags within its body that facilitate arbitrary JavaScript execution.
2024. Okt. 21.
Biztonsági szemle
Hacked access tokens leveraged to breach Internet Archive anew
Internet Archive's latest breach was noted by the threat actor to have stemmed from the digital library nonprofit's failure to rotate its authentication tokens.
2024. Okt. 21.
Biztonsági szemle
Russia subjected to intrusions with LockBit 3.0, Babuk ransomware
Initial access in a pair of intrusions part of the attack campaign involved Crypto Ghouls utilizing a VPN and a contractor's login credentials, followed by the exploitation of NSSM and Localtonet for remote access.
2024. Okt. 21.
Biztonsági szemle
Wiper malware deployed against Israel via spoofed ESET emails
Malicious emails alerting of state-sponsored intrusions have been sent to lure organizations' cybersecurity teams into downloading the fraudulent "ESET Unleashed program," which features several ESET DLLs and would enable file and data deletion upon...
2024. Okt. 21.
Biztonsági szemle
Oktane 2024: Okta bets big on AI and security industry collaboration
Okta brought its partners to Las Vegas for the annual Oktane conference. Here are the highlights.
2024. Okt. 21.
Biztonsági szemle
Why the industry needs GAAP-style accounting standards for cyber
For CISOs to keep the board apprised of the potential risks from a breach, they’ll need the security equivalent of the GAAP accounting standards.