Biztonsági szemle

Nations continue to sign the Code of Practice for States in an effort to curb commercial spyware, yet implementation and enforcement concerns have yet to be figured out.

The threat actor, also known as Goffee, has been active since at least 2022 and has changed its tactics and techniques over the years while targeting Russian organizations.

PAN points out that to date, the brute-force attacks have not led to exploitation.

The most damaging attacks continue to be ransomware, but financial fraud claims are more numerous — and both are driven by increasing third-party breaches.

With $4.4 billion in worldwide data breach fines in 2024, the cost of not knowing who's walking into your systems is devastating.

Developing strong incident response plans remains an area that requires significant improvement. Here are some shortcomings and how to address them.

SecurityWeek reports that fixes have been issued by Juniper Networks for dozens of security issues impacting its Junos OS and Junos OS Evolved offerings, as well as Junos Space third-party dependencies.

Ninety percent of 40 widely known genetic testing services firms, including 23andMe, Ancestry, and MyHeritage, had received a C grade at most for their cybersecurity efforts, indicating the pervasiveness of poor cybersecurity practices across the DNA...

Numerous state and local governments across the U.S. have disclosed disruptions stemming from separate cyber intrusions, reports The Record, a news site by cybersecurity firm Recorded Future.

Researchers characterize the company's artificial intelligence chatbot as less secure than ChatGPT and even DeepSeek.

Cybernews reports that South Korean multinational manufacturing and services conglomerate SK Group had over 1 TB of data allegedly compromised in an attack claimed by the Russia-linked Qilin ransomware-as-a-service group, also known as Agenda.

Attacks leveraging a recently patched high-severity authentication bypass vulnerability in the widely used OttoKit plugin for WordPress, tracked as CVE-2025-3102, were found by Patchstack to have occurred just four hours following its public...