Biztonsági szemle

The critical bug, given a maximum CVSS score of 10 by Atlassian, requires an urgent update to the fixed version to avoid exploitation.

Nearly 200K WordPress sites could be vulnerable to the attack thanks to CVE-2023-6000, lurking in the PopUp Builder plug-in.

WoS cybersecurity creates a united front for governments to defend against threat actors, harden security postures, and protect constituents who depend on services.

“It goes to show that every software vulnerability has some non-minor percentage of people who will never apply the patch in a timely manner," researchers.

Tisztelt Ügyfelünk! A Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet (NBSZ NKI) frissített[1] riasztást ad ki, az Ivanti Connect Secure és az Ivanti Policy Secure szoftvereket érintő 0. napi, kritikus kockázati besorolású sérülékenységek...

IAM providers had their own credentials stolen in 2023, and companies found they couldn’t quite quit passwords.

Dark Reading Research finds increased collaboration between security incident responders and groups within the HR, legal, and communications functions.

Developer-security company Snyk acquired Helois, a startup specializing in capturing security-relevant data from live applications.

Anyone who hasn't mitigated two zero-day security bugs in Ivanti VPNs may already be compromised by a Chinese nation-state actor.

The updated disclaimer follows Google’s agreement to settle a class-action privacy lawsuit.