Biztonsági szemle

Misconfigurations, weak authentication, and logic flaws are among the main drivers of API security risks at many organizations.

Factory automation software from Mitsubishi Electric and Rockwell Automation could be subject to remote code execution (RCE), denial-of-service (DoS), and more.

As organizations centralize IT security, the risk of espionage is silently becoming a more profitable threat.

In this new AI era, the technology landscape has forever changed how people and technology work across our physical and digital worlds. Learn how Cisco is strategically evolving how they do business – connecting the digital world to your most...

The CISO Top 10 reports for Q3 2024 provide critical insights into the key areas where today’s CISOs are focusing their efforts, both from a management and technology perspective.

When a CISO can articulate risk in context to the business as a whole, development teams can better prioritize their activities.

Such postponement comes after Recall was subjected to several delays since June due to security concerns associated with the feature, which has since been allayed by Microsoft with its assurances of an opt-in experience, a completely encrypted...

Infiltration of systems belonging to Mystic Valley, which caters to older adults and people with disabilities, have enabled the exfiltration of names, birthdates, Social Security numbers, payment card and financial account numbers, passport numbers...

The U.S. Commerce Department has been urged by Sen. Ron Wyden, D-Ore., to bolster the already robust proposed U.S. tech rules that would prevent the utilization of the country's surveillance tools in repressive countries amid concerns of potential...

Such a vulnerability, which arises from an insufficient security hash check vulnerable to brute-forcing, could be successfully abused with the activation of certain configurations within the plugin's crawler feature.

Attacks exploiting the authentication weakness within the 'lighthttpd' server, tracked as CVE-2024-8957, and the insufficient input sanitization bug, tracked as CVE-2024-8957, could enable camera hijacking and bot compromise, as well as further...

Such an intrusion has prompted automated delivery of the malicious lottie-player NPM package versions among users who obtained the library through third-party content delivery networks.