Biztonsági szemle

Fixes have been issued by QNAP for two critical command injection vulnerabilities affecting its network-attached storage devices, which could be leveraged to facilitate arbitrary code execution, reports The Hacker News.

Malware distribution on Android devices has been facilitated by the new SecuriDropper dropper-as-a-service operation by evading Android 13's "Restricted Settings" functionality to breach "Accessibility Services," BleepingComputer reports.

TechCrunch reports that Israel-based secure browser developer Talon Cyber Security has been confirmed to be acquired by Palo Alto Networks.

Organizations around the world that have adopted network microsegmentation achieved ransomware attack recovery 11 hours earlier than those that did not but fewer than one-third have segregated their networks into numerous segments, according to...

NBC News reports that sensitive personal data from U.S. military personnel is not only prevalently advertised online but also cheap to obtain, with Duke University Sanford School of Public Policy researchers being able to purchase information...

Four high-severity Microsoft Exchange flaws reported by Trend Micro's Zero Day Initiative were noted by Microsoft to have been addressed or not need immediate servicing as required authentication would significantly reduce their odds of being...

Israel had its education and tech organizations subjected to attacks by Iranian state-sponsored hacking operation Agonizing Serpens, also known as BlackShadow and Agrius, amid its ongoing war with Palestinian militant group Hamas, reports The Record...

Stealthier Jupyter infostealer discovered Attacks leveraging a new version of the Jupyter information-stealing malware, also known as Yellow Cockatoo, SolarMarker, and Polazert, with increased stealth capabilities have emerged, according to The...

Mounting North Korean cybersecurity activities leveraged to finance the country's weapons program have prompted the U.S., Japan, and South Korea to create a new high-level consultative group aimed at jointly averting such threats, according to The...

Kim Jong-Un's hackers are scraping the bottom of the barrel, using script kiddie-grade malware to steal devalued digital assets.

Jamf says North Korean subgroup of the financially motivated Lazarus Group targets specific users the threat actors believe have access to cryptocurrency.

Active ransomware attacks against vulnerable Atlassian Confluence Data Center and Servers ratchets up risk to enterprises, now reflected in the bug's revised CVSS score of 10.