Biztonsági szemle

The accused include North Korean citizens Jin Sung-Il and Pak Jin-Song, Mexican national Pedro Ernesto Alonso De Los Reyes, and US citizens Erick Ntekereze Prince and Emanuel Ashtor.

The US Court of Appeals has vacated the original sentence of Conor Brian Fitzpatrick, also known as Pompompurin, who is the founder of the BreachForums cybercrime marketplace.

"A new certificate has already been deployed in OCS, and any server that is updated to any Exchange Server Cumulative Update or Security Update newer than March 2023 will continue to be able to check for new EEMS mitigations," the Exchange Team said.

Eclypsium, the enterprise firmware and hardware security firm that discovered the flaws, analyzed three firewall models: PA-3260, PA-1410, and PA-415, and reported that all were affected by the BootHole vulnerability, a GRUB2 bootloader flaw that...

The issue was described as a microcode signature verification vulnerability and could potentially allow unauthorized microcode to bypass verification mechanisms and be loaded into affected CPUs.

The tool's latest features focus on proactive prevention of account compromise and enhanced threat response capabilities, as well ways to make these capabilities available to a broader range of customers.

The new security tool is integrated into the company's Edge browser and uses machine learning and computer vision to identify fraudulent full-screen pop-ups that trick users into installing malware or purchasing unnecessary software.

The flaw could have allowed threat actors to take control of user accounts, enabling them to impersonate targets when booking or canceling reservations and using victims' airline loyalty points.

Managing third-party risk in the SaaS era demands a proactive, data-driven approach beyond checkbox compliance.

Learn how IPv6 is finally gaining momentum, offering fresh opportunities as we move beyond the limits of IPv4.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation , as confirmed by Fortinet. CVE-2025-24085 Apple Multiple Products Use-After-Free Vulnerability These types of...

Attackers like to mix multiple technologies to improve the deployment of their malicious code. I spotted a small script that drops a Python malware. The file was sent on VirusTotal and got a score of 2/60![ 1] (SHA256...