Biztonsági szemle
2024. Aug. 5.
Biztonsági szemle
Critical Apache OFBiz Vulnerability Allows Preauth RCE
The enterprise resource planning platform bug CVE-2024-38856 has a vulnerability-severity score of 9.8 out of 10 on the CVSS scale and offers a wide avenue into enterprise applications for cyberattackers.
2024. Aug. 5.
Biztonsági szemle
TikTok Lawsuit shows that app developers are responsible for protecting the privacy of minors
App developers can expect the government to crack down on companies that violate privacy rights – especially apps targeted towards children.
2024. Aug. 5.
Biztonsági szemle
China's Evasive Panda Attacks ISP to Send Malicious Software Updates
The APT used DNS poisoning to install the Macma backdoor on targeted networks and then deliver malware to steal data via post-exploitation activity.
2024. Aug. 5.
Biztonsági szemle
Linux kernel exploitation SLUBStick can read and write memory arbitrarily
Researchers from Graz University of Technology showed how the vulnerability worked across nine CVEs.
2024. Aug. 5.
Biztonsági szemle
Startup Spotlight: LeakSignal Helps Plug Leaky Data in Organizations
Cybersecurity startup LeakSignal, a finalist in this year's Black Hat USA Startup Spotlight competition, helps organizations see where data is leaking within their environments.
2024. Aug. 5.
Biztonsági szemle
Startup Spotlight: Knostic Tackles AI's Oversharing Problem
Cybersecurity startup Knostic, a finalist in this year's Black Hat USA Startup Spotlight competition, adds guardrails to how AI uses enterprise data to ensure sensitive data doesn't get leaked.
2024. Aug. 5.
Biztonsági szemle
TikTok faces US lawsuit alleging child privacy violations
Aside from not implementing adequate safeguards to prevent sign-ups from children younger than 13 without parental consent until late 2020, TikTok also has a "convoluted" data deletion process and has not adhered to parents' requests to remove data...
2024. Aug. 5.
Biztonsági szemle
BianLian contacts Sable International customers following attack
Global UK-based immigration services provider Sable International had its customers emailed by the BianLian ransomware operation in a bid to pressure ransom payment following an advanced cyberattack that disrupted the firm's servers, website, and...
2024. Aug. 5.
Biztonsági szemle
Security bypass possible with now-addressed Rockwell Logix PLC flaw
Intrusions leveraging the flaw against impacted modules on the 1756 chassis containing the devices' communication processors, controllers, and I/O modules could result in the execution of common industrial protocol commands enabling the alteration of...
2024. Aug. 5.
Biztonsági szemle
Protect Data Differently for a Different World
Adopting a military mindset toward cybersecurity means the industry moves beyond the current network protection strategies and toward a data-centric security approach.
2024. Aug. 5.
Biztonsági szemle
Misconfigured databases leak 4.6M Illinois election records
Included in the information leaked by the misconfigured databases were individuals' names, addresses, Social Security numbers, and other sensitive personally identifiable information, as well as ballot templates and other election records.
2024. Aug. 5.
Biztonsági szemle
Home users increasingly targeted by global Magniber ransomware campaign
Intrusions, which were noted by BleepingComputer and ID-Ransomware to have increased in prevalence since July 20, were reported by some victims to have resulted in device encryption following the execution of cracked software and key generators.