Biztonsági szemle
2024. Szep. 30.
Biztonsági szemle
Critical NVIDIA Container Toolkit bug has widespread impact
All NVIDIA Container Toolkit versions up to 1.16.1 and GPU Operator instances up to version 24.6.1 are impacted by the flaw, which stems from the absence of secure containerized GPU isolation from the host that exposes sensitive host file system and...
2024. Szep. 30.
Biztonsági szemle
DCRat malware spread with HTML smuggling
Attacks involved the distribution of malicious Russian-language HTML files impersonating TrueConf and VK Messenger apps, which when opened stealthily downloads a password-protected ZIP file with a nested RarSFX archive that launches DCRat.
2024. Szep. 30.
Biztonsági szemle
US moves against Iranians allegedly behind Trump campaign breach
Bounties of up to $10 million have also been introduced by the U.S. State Department for any information about the hackers — who were noted by a joint federal statement to have shared stolen Trump campaign materials with individuals previously linked...
2024. Szep. 30.
Biztonsági szemle
Active Directory attack guidance issued by Five Eyes
With Microsoft AD being mostly targeted via Kerberoasting, AS-REP roasting, and password spraying attacks, as well as Microsoft Entra Connect, GPP password, MachineAccountQuota, and certificate service compromise, organizations should leverage...
2024. Szep. 30.
Biztonsági szemle
Shadow AI, Data Exposure Plague Workplace Chatbot Use
Productivity has a downside: A shocking number of employees share sensitive or proprietary data with the generational AI platforms they use, without letting their bosses know.
2024. Szep. 30.
Biztonsági szemle
Why citizens and campaigns need to improve AI literacy in this very political year
Disinformation spread by deepfakes are rampant in this election cycle – and that’s why the industry needs to help foster AI literacy.
2024. Szep. 28.
Biztonsági szemle
Gemini for Workspace susceptible to indirect prompt injection, researchers say
Gmail emails, Google Slides and Google Drive files could be used to manipulate the LLM.
2024. Szep. 27.
Biztonsági szemle
CUPS vulnerabilities put Linux systems at risk of remote code execution
Four vulnerabilities in the Common Unix Printing System (CUPS) could allow for RCE.
2024. Szep. 27.
Biztonsági szemle
Millions of Kia Vehicles Open to Remote Hacks via License Plate
The vulnerability is the latest discovered in connected vehicles in recent years, and it points out the cyber dangers lurking in automotive APIs.
2024. Szep. 27.
Biztonsági szemle
How Should CISOs Navigate the SEC Cybersecurity and Disclosure Rules?
Companies that commit to risk management have a strong cybersecurity foundation that makes it easier to comply with the SEC's rules. Here is what you need to know about 8K and 10K filings.
2024. Szep. 27.
Biztonsági szemle
Novel Exploit Chain Enables Windows UAC Bypass
Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it's not really a vulnerability.
2024. Szep. 27.
Biztonsági szemle
RaaS group Storm-0501 targets hybrid cloud environments in the US
Financially motivated group uses legit Python key and hash management tool to steal credentials.