Biztonsági szemle

Nearly two dozen critical infrastructure organizations across the U.S., including an oil and gas pipeline and a Hawaii-based water utility, had their computer systems infiltrated by Chinese state-sponsored threat operations during the past 12 months...

Apache releases drop-in replacement and upgrade for critical security flaw that is similar to vulnerability that led to 2017 Equifax breach.

It's important for Congress to strengthen protections for AI and set guardrails to make sure it isn't used maliciously.

Attackers can inject and execute arbitrary PHP code using a flaw in Backup Migration, which has been downloaded more than 90K times.

In addition to Log4j, the North Korean threat group’s latest campaign also involves three previously unknown Dlang-based malware variants.

The UN is helping Ministry of Interior staff implement cybersecurity best practices, as talks continue about scheduling a parliamentary election in the coming months.

A decade after Target suffered a major security breach, are we still disregarding the gaping holes in our cyber fortifications?

Why Joe Sullivan feels paying off attackers was a way of solving the problem.

Here’s why organizations really need to do a better job managing the identities of their contractors.

TechRadar reports that vulnerable versions of the Apache Log4j software have been observed across 38% of apps between Aug. 15 and Nov. 15, indicating the enduring security risk of the software.

Exploitation of privilege escalation vulnerabilities accounted for 55% of insider threats from January 2021 to April 2023, while the remainder of threats involved offensive tool misuse, reports BleepingComputer.