Biztonsági szemle

These types of "long-lived" credentials pose a risk for users across all major cloud service providers, and must meet their very timely ends, researchers say.

The networking company confirms that cyberattackers illegally accessed data belonging to some of its customers.

This latest breach was through Zendesk, a customer service platform that the organization uses.

Cisco said its internal systems were not breached, but a small number of files may have been exposed.

The emergence of novel anti-detection kits for sale on the Dark Web limit the effectiveness of a Chrome browser feature that warns users that they have reached a phishing page.

The future of application security is no longer about reacting to the inevitable — it's about anticipating and preventing attacks before they can cause damage.

Attackers with at least "manager" privileges could leverage the BIG-IP vulnerability, tracked as CVE-2024-45844, to facilitate privilege escalation and systems compromise.

Only 12% of critical infrastructure professionals disclosed ransomware attacks against their organizations during the past 12 months, with half of the intrusions affecting either the OT network alone or both IT and OT networks.

Attackers leveraged a Nidec Precision employee's valid VPN account credentials to infiltrate the firm's server, enabling the exfiltration of more than 50,000 files, all of which remain unencrypted, including internal files, green procurement-related...

Advanced malware injection attacks have been conducted by threat actors against at least three reputable Radiant Capital contributors' devices, which were later leveraged to validate malicious transactions.

"At this stage in our investigation, we have determined that a small number of files that were not authorized for public download may have been published," said Cisco, which emphasized that none of its systems have been compromised and that users'...

Attackers targeted a government organization in a country part of the Commonwealth of Independent States with an email containing a concealed attached document and distinct tags within its body that facilitate arbitrary JavaScript execution.