Biztonsági szemle

Cyber ranges are a great way for cyber professionals to keep up on emerging threats and new technologies — while having a little fun.

As with most new deployments of information-security tools and models, modernizing your network security involves a fair amount of self-discovery, followed by due diligence on potential vendors and, finally, implementation. Here are the steps to...

After launching an investigation in February into vehicles made by foreign adversaries, the Biden administration is finally making its move in the name of national security.

Integration and coordination of threat intelligence across all your security tools isn’t just one of the benefits of implementing a consolidated security platform — it’s one of the primary reasons to do so.

Data discovery and classification are foundational for data security, data governance, and data protection.

Despite the shutdown of both chatbots — which provided free access to up to 20 data samples from 31.2 million datasets and PDF-based claim documents — more have emerged to distribute the stolen data.

Investigation conducted alongside blockchain security firm SlowMist noted the theft of nearly $44.7 million as a result of the incident although calculations are still ongoing, said BingX, which emphasized its immediate implementation of urgent asset...

Dell had its internal files claimed to be compromised by the threat actor "grep" just days after the same actor admitted to stealing 10,863 employee records from a breach earlier this month.

The misconfiguration revealed more than 106 million records with U.S. citizens' private information and over 2.3 million MC2 Data subscribers' data.

After obtaining initial access via local or domain account exploitation, Twelve proceeds to leverage Remote Desktop Protocol to facilitate further infrastructure penetration, as well as utilize other tools, including Cobalt Strike, Chisel, Mimikatz...

Such a development comes less than a week after the confirmed exploitation of the high-severity operating system command injection bug in CSA, tracked as CVE-2024-8190, which was believed to have been used alongside another vulnerability due to its...

Aside from leveraging spear-phishing emails, Earth Baxia also exploited the recently addressed critical GeoServer GeoTools flaw, tracked as CVE-2024-36401.