Biztonsági szemle
2025. ápr. 4.
Biztonsági szemle
Massive trove of underage deepfakes leaked by misconfigured GenNomis database
South Korean artificial intelligence firm AI-NOMIS had 47.8 GB of data with 93,485 explicit AI-generated images depicting underage individuals and JSON files belonging to its AI image generator platform GenNomis inadvertently exposed by a...
2025. ápr. 4.
Biztonsági szemle
Significant big data environment risk likely with maximum severity Apache Parquet bug
BleepingComputer reports that Amazon Web Services, Google, Microsoft Azure, Hadoop, and other big data platforms could be subjected to significant compromise through the exploitation of a maximum-severity remote code execution vulnerability impacting...
2025. ápr. 4.
Biztonsági szemle
Ongoing web skimmer campaign taps deprecated Stripe API
Nearly 50 online merchants have already been compromised in intrusions exploiting Stripe's legacy application programming interface "api.stripe[.]com/v1/sources" for payment data validation part of an advanced web skimmer campaign that has been...
2025. ápr. 4.
Biztonsági szemle
Exposed SpotBugs token caused GitHub supply chain intrusion, report finds
Exposed SpotBugs token caused GitHub supply chain intrusion, report finds More than 200 GitHub repositories had their secrets exposed in a supply chain attack against tj-actions/changed-files that was originally aimed at major U.S. cryptocurrency...
2025. ápr. 4.
Biztonsági szemle
Novel Wrecksteel malware deployed against Ukraine
Attacks with the nascent Wrecksteel malware were disclosed by Ukraine's Computer Emergency Response Team to have been launched by the UAC-0219 hacking operation against the country's government entities and critical infrastructure organizations last...
2025. ápr. 4.
Biztonsági szemle
Alleged massive SendGrid breach repudiated
Hackread reports that U.S. cloud communications firm Twilio has dismissed the purported breach of its platform and its cloud-based email delivery subsidiary SendGrid after the threat actor "Satanic" claimed to exfiltrate data from 848,960 SendGrid...
2025. ápr. 4.
Biztonsági szemle
Secure Communications Evolve Beyond End-to-End Encryption
Signal, Wickr, WhatsApp, and Cape all have different approaches to security and privacy, yet most are finding ways to make secure communications more private.
2025. ápr. 4.
Biztonsági szemle
Sajtószemle – 2025. 14. hét
A 2025. 14. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2025.03.28. és 2025.04.03. között kezelt incidensek statisztikai adatait is tartalmazza.
2025. ápr. 4.
Biztonsági szemle
Rafts of Security Bugs Could Rain Out Solar Grids
At least three major energy solution and renewable energy companies have nearly 50 vulnerabilities — many of them "basic" mistakes — indicating a lack of developed cybersecurity safeguards.
2025. ápr. 4.
Biztonsági szemle
ISC Stormcast For Friday, April 4th, 2025 https://isc.sans.edu/podcastdetail/9394, (Fri, Apr 4th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2025. ápr. 4.
Biztonsági szemle
Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
A previously unknown remote code execution vulnerability in the Ivanti Connect Secure VPN platform is being actively exploited in the wild by Chinese threat actors, prompting alerts from Google’s Mandiant team
2025. ápr. 4.
Biztonsági szemle
Microsoft Boosts Email Sender Rules for Outlook
Beginning on May 5, the tech giant will enforce new email authentication protocols for Outlook users who send large volumes of email.