Biztonsági szemle

Hackers are using a sophisticated social engineering ruse targeting IT help desk staff to gain initial access to healthcare organizations.

The Cybersecurity and Infrastructure Security Agency has been urged by the U.S. Chamber of Commerce and over 20 industry groups to implement a 30-day extension to the two-month feedback period for its draft rule under the Cyber Incident Reporting for...

Technology firms would be subjected to online data collection restrictions under a new bipartisan and bicameral draft online privacy bill unveiled by Senate Commerce Committee Chair Maria Cantwell, D-Wash., and House Energy and Commerce Committee...

CyberScoop reports that the ALPHV/BlackCat ransomware operation has ramped up efforts to launder proceeds from ransomware attacks, including the $22 million ransom reportedly provided by UnitedHealth Group following an intrusion against its payment...

Ransomware has reportedly brought upon a week-long outage at U.S. bakery-cafe fast food restaurant chain Panera Bread beginning March 22 that disrupted its internal IT systems, point-of-sale systems, phones, mobile apps, and website, according to...

Acuity has disclosed that only old and non-sensitive data had been stolen from its breached GitHub repositories amid an ongoing U.S. State Department probe into IntelBroker's claims regarding the theft and exposure of U.S. government and military...

Hackread reports that the U.S. Environmental Protection Agency had data from almost 8.5 million individuals exposed following a major data breach claimed to have been conducted by threat actor USDoD.

Attacks leveraging an already fixed critical Magento vulnerability, tracked as CVE-2024-20720, have been launched against e-commerce websites to facilitate the distribution of a Stripe payment skimmer for financial data exfiltration, according to The...

BleepingComputer reports that attacks leveraging a recently patched high-severity heap overflow vulnerability, tracked as CVE-2024-21894, could impact nearly 16,500 internet-exposed Ivanti Connect Secure and Poly Secure VPN gateways.

More than 92,000 outdated internet-exposed D-Link Network Attached Storage devices could be breached in attacks exploiting a newly discovered arbitrary command injection and hardcoded backdoor vulnerability, tracked as CVE-2024-3273, which could...

Here are four insights into how security pros can judge new AI products when vendors say they were “battle-tested in Ukraine.”

At the Microsoft Security Response Center (MSRC), our mission is to protect our customers, communities, and Microsoft from current and emerging threats to security and privacy. One way we achieve this is by determining the root cause of security...