Biztonsági szemle

TechCrunch reports that U.S. global apparel and footwear company VF Corporation, which owns Vans, The North Face, and Supreme, had data from 35.5 million customers compromised in a cyberattack last month, which has been claimed by the ALPHV/BlackCat...

Supply chain attacks possible with TensorFlow CI/CD misconfigurations TensorFlow instances on GitHub and PyPi could have been subjected to supply chain attacks involving the exploitation of continuous integration and continuous delivery...

SecurityWeek reports that seven vulnerabilities within the open-source industrial automation platform Rapid SCADA used in monitoring and control system development continue to be unaddressed despite being reported by Claroty researchers in July...

Attackers have been compromising vulnerable Docker services with the XMRig cryptocurrency mining malware and the 9HIts Viewer software as part of a novel hacking campaign that not only exfiltrates cryptocurrency but also generates fake website...

Remote access tool TeamViewer has been exploited in new ransomware attacks for initial network access and LockBit ransomware-based encryptor deployment, reports BleepingComputer.

A changing regulatory and enforcement environment means the smart CISO might need to shift how they work this year.

Three Microsoft applications can leak hashed passwords in just one or two clicks, researchers say.

Ivanti reported that it believes malicious code has been added to exploited Connect-Secure and Policy Secure products that allows a threat actor future access, even after mitigation is applied.

Attackers have increasingly leveraged the widely used remote access tool, installed on hundreds of millions of endpoints, to break into victim environments.

A month on from a retail conglomerate's data breach, it's still not clear exactly what the hackers stole, but impacted brands include Dickies, Northface, Timberland, Vans, and more.

This bulletin includes coordinated influence operation campaigns terminated on our platforms in Q4 2023. It was last updated on January 19, 2024.OctoberWe terminated 8 Y…

The industry needs to break away from old-style certifications and focus more on continuous improvement, hands-on training, and realistic simulations.