Biztonsági szemle

Sophos X-Ops discovers a curious backdoored (and signed) executable, masquerading as something else entirely.

The space agency needs to implement stricter policies and standards when it comes to its cybersecurity practices, but doing so the wrong way would put machinery at risk, a federal review found.

Microsoft Graph API has become popular with hackers because running criminal ops on widely used cloud services raises less suspicion.

Charges against the ransomware gang member included damage to computers, conspiracy to commit fraud, and conspiracy to commit money laundering.

Patch now: Cyberattackers are exploiting CVE-2023-7028 (CVSS 10) to take over and lock users out of GitLab accounts, steal source code, and more.

While attackers have targeted AI systems, failures in AI design and implementation are far more likely to cause headaches, so companies need to prepare.

SiliconAngle reports that Menlo Security and Google Cloud have entered a new partnership deal aimed at bolstering cybersecurity for their customers.

The U.S. Department of Justice announced the arrest of former cybersecurity consultant Vincent Cannady, who allegedly extorted $1.5 million from a New York-based multinational IT infrastructure services provider where he was assigned by a staffing...

Organizations remediated security issues added to the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog 3.5 times faster than those that are not in the catalog, according to The Record, a news site by...

Software firms have been urged by the FBI and Cybersecurity and Infrastructure Security Agency to ensure the absence of path traversal or directory traversal vulnerabilities in their products prior to shipping, BleepingComputer reports.

FedScoop reports that increasing artificial intelligence-related cybersecurity risks have prompted Sens. Mark Warner, D-Va., and Thom Tillis, R-N.C., to introduce the Secure AI Act of 2024.