Biztonsági szemle

The U.S., Russia, and Canada accounted for most of the vulnerable Exim servers, which are on versions 4.97.1 or earlier, according to a report from Censys.

Nearly $15 million of the received payment, which was also confirmed by another source close to the matter, has been reallocated to over 20 addresses across five global exchanges.

While RansomHub admitted to having compromised Rite Aid customers' ID numbers and rewards numbers, Rite Aid emphasized that none of its clients' health information, financial details, and Social Security numbers have been exposed.

Allegedly included in the data dump were messages, files, and data sent by Disney's development team via Slack.

Infiltration of American Golf's systems has purportedly enabled the exfiltration of members' information, user IDs, passwords, and secret keys, as well as emails, licenses, passports, reports, and financial details.

Malicious Microsoft Excel files have been used by threat actors to facilitate the execution of a Samba file share-hosted VBS code.

Several decentralized finance platforms, including Compound Finance, Celer Network, and Pendle, had domains registered with Squarespace impacted by DNS hijacking attacks on Thursday.

GenAI has created great excitement and promise, but security teams still must grapple with the risks.

Many organizations lack policies and training to address the risk of shadow IT, including GenAI.

The bug (CVE-2024-6385) is similar — but not identical — to a critical flaw GitLab patched just two weeks ago.