Biztonsági szemle

Half will be allocated by T-Mobile toward cybersecurity improvements, with the telecommunications firm pledging to strengthen its cybersecurity posture by implementing data minimization, inventory, and disposal processes, critical network asset...

Included in the records stored in the unsecured WordPress folder named "Facial Recognition Uploads" were names, biometric images, phone numbers, racial or ethnic identities, email addresses, and reasons for facial DNA analysis.

The FIN6 group is the likely culprit behind a spear-phishing campaign that demonstrates a shift in tactics, from targeting job seekers to going after those who hire.

Infiltration of Patelco's systems on May 23 enabled the exfiltration of individuals' names, birthdates, Social Security numbers, driver's license numbers, and/or email addresses although the stolen information varied among impacted individuals...

Kimsuky was discovered by Google Mandiant researchers to have deployed spear-phishing attacks involving contract lures with U.S. defense contractors redirecting to fraudulent login pages spoofing those of a telecommunications firm and an email...

Additional details regarding the extent or perpetrators of the breach were not provided but the French international news agency said that global news coverage had not been affected by the intrusion while noting an ongoing investigation into the...

Threat actors leveraged the zero-day to infiltrate three of Rackspace's internal monitoring web servers with the ScienceLogic app and the third-party utility, facilitating access to customers' account names and numbers, usernames, Rackspace...

Such an intrusion involved threat actors compromising a software-as-a-service user's email account to determine potentially exploitable conversations where they could deliver an email purporting to be a reply to a message about tax and payment...

More aggressive offensive measures were emphasized by officials to be crucial in foiling increasingly prevalent post-takedown recovery efforts by ransomware operations ahead of this week's International Counter Ransomware Initiative meeting.

Amid the noise of new solutions and buzzwords, understanding the balance between securing infrastructure and implementing runtime security is key to crafting an effective cloud strategy.

By planting agents inside code running in production, a new generation of application security tools make it possible to get better at detecting hidden threats that lurk in the application layer.