Biztonsági szemle

After exploiting the Safari remote code execution flaw, tracked as CVE-2020-9802, for initial access, the updated LightSpy payload triggers an exploit chain with jailbreak and loader stages prior to malware core delivery on devices running on iOS...

Knee-jerk reactions to major vendor outages could do more harm than good.

Attackers leveraged pernicious ads to lure targets into downloading ZIP packages with the malicious Electron app in the guise of legitimate software, which downloads the SYS01 infostealer that primarily compromises Facebook credentials while...

On the heels of a Chinese APT eavesdropping on phone calls made by Trump and Harris campaign staffers, Beijing says foreign nations have mounted an extensive seafaring espionage effort.

Az elmúlt időszakban jelentősen megnövekedett a látszólag magyar féltől érkező, magyar nyelvű, telefonos vagy csevegőplatformokon keresztüli közvetlen megkeresésen alapuló internetes csalási kísérletek száma.

Despite the absence of laws specifically covering AI-based attacks, regulators can use existing rules around fraud and deceptive business practices.

The company's data loss prevention platform helps customers identify and classify data across SaaS and GenAI applications, endpoints, and emails.

The “Jumpy Pisces” cyberespionage group appeared to provide initial access for ransomware deployment.

The National Security Memorandum on Artificial Intelligence tasks various federal agencies with securing the AI supply chain from potential cyberattacks and disseminating timely threat information about such attacks.

The Russian-backed group is using a novel access vector to harvest victim data and compromise devices in a large-scale intelligence-gathering operation.

Threat actors are using an Android malware payload to pull off an elaborate social-engineering scam.