Biztonsági szemle
2024. szeptember 13.
Biztonsági szemle
Transport for London data compromised, suspected hacker arrested
Infiltration of TfL's internal systems on September 1 resulted in the exfiltration of some customers' names and contact information, as well as refund data belonging to nearly 5,000 Oyster cardholders.
2024. szeptember 13.
Biztonsági szemle
Novel payloads deployed in new OilRig APT campaign against Iraq
Attacks with the novel Veaty and Spearal malware strains have been deployed by Iranian state-backed advanced persistent threat operation OilRig, also known as APT34, against Iraqi government agencies and organizations as part of a new cyberespionage...
2024. szeptember 13.
Biztonsági szemle
Proxyjacking, cryptomining against Selenium Grid servers escalate
Threat actors part of the proxyjacking campaign exploited Selenium Grid servers' "goog:chromeOptions" configuration to facilitate deployment of a base64-encoded Python script, which enabled the retrieval of an open-source GSocket reverse shell.
2024. szeptember 13.
Biztonsági szemle
Attacks exploiting WhatsUp Gold flaws underway
After executing several PowerShell scripts using WhatsUp Gold's Active Monitor PowerShell Script functionality, threat actors proceeded with exploiting the 'msiexec.exe' Windows utility to install the Atera Agent, SimpleHelp Remote Access, Splashtop...
2024. szeptember 13.
Biztonsági szemle
Oracle WebLogic servers subjected to novel Hadooken malware attacks
After achieving initial server access via weak passwords, threat actors proceeded to launch a pair of scripts to retrieve the Hadooken malware, which features not only a cryptocurrency miner but also the Tsunami distributed denial-of-service botnet.
2024. szeptember 13.
Biztonsági szemle
Fortinet breach confirmed after massive leak
Major cybersecurity firm Fortinet has disclosed having information from fewer than 0.3% of its customers compromised following a cyberattack against its Microsoft Azure SharePoint server by the threat actor Fortibitch, which claimed to have stolen...
2024. szeptember 13.
Biztonsági szemle
Infinite perimeter: How modern consolidated security protects the cloud
A consolidated security platform that bundles together distributed networking and cloud-native security tools can cut costs and speed implementation as you modernize your systems.
2024. szeptember 13.
Biztonsági szemle
Five ways to prepare for the post-quantum computing era
The quantum computing era will arrive in a few short years – now’s the time to plan for it.
2024. szeptember 13.
Biztonsági szemle
Microsoft VS Code Undermined in Asian Spy Attack
A technique to abuse Microsoft's built-in source code editor has finally made it into the wild, thanks to China's Mustang Panda APT.
2024. szeptember 13.
Biztonsági szemle
Stability concerns holding back patching practices
The stability cost of patching a bug can prevent many developers from remedying a known flaw in their own software.
2024. szeptember 13.
Biztonsági szemle
Old WHOIS domain could have issued countless fraudulent TLS/SSL certificates
Researchers bought an expired WHOIS server domain for $20 and quickly received millions of WHOIS queries.
2024. szeptember 13.
Biztonsági szemle
TAG Bulletin: Q3 2024
This bulletin includes coordinated influence operation campaigns terminated on our platforms in Q3 2024. It was last updated on September 12, 2024.JulyWe terminated 89 Y…