Biztonsági szemle

With cybersecurity talent hard to come by and companies increasingly looking for guidance and best practices, virtual and fractional chief information security officers can make a lot of sense.

Aside from leveraging numerous notorious nuisance networks, VPNs, cloud hosting provider infrastructure, and other direct-path attack vectors, threat actors behind the coordinated DDoS campaign also exploited the DDoSia botnet to maximize intrusions.

While Microsoft has noted that leveraging the flaw — which was discovered by Microsoft employees Apoorv Wadhwa, Gautam Peri, and an anonymous researcher — could allow privilege escalation without authentication, additional details regarding its...

Malicious ads with time-limited offers and countdowns have been leveraged by threat actors to lure downloads of the predatory loan apps, which would seek unneeded permissions for SMS, contact, call record, phone storage, calendar, microphone, and...

Russian programmer Mikhail Pavlovich Matveev — who has been accused of being involved with the LockBit, Hive, and Babuk ransomware operations — has reportedly been apprehended and indicted by Russian authorities for developing data encrypting...

Alder Hey Children's Hospital got hit with a ransomware attack, while the nature of an incident at Wirral University Teaching Hospital remains undisclosed.

The playbooks that accompany your incident response plan provide efficiency and consistency in responses, help reduce downtime and dwell time, and can be a cost-saving and reputational-saving measure for your organization.

Microsoft is readying a new release of Windows in 2025 that will have significant security controls, such as more resilient drivers and a "self-defending" operating system kernel.

The vast majority of red team exercises that I (and my team, of course) have been doing lately are assumed breach scenarios. In an assumed breach scenario (and we cover this in the amazing SEC565: Red Team Operations and Adversary Emulation SANS...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

There are many malicious scripts available on the Internet. Github has plenty of info stealers and RATs made available “for testing or research purposes”. Here is one that I found recently: Trap-Stealer[ 1]. Often those scripts are pretty well...