Biztonsági szemle

Users of the MyAtriumHealth patient portal, formerly MyCarolinas, between January 2015 and July 2019 may have had their names, home and email addresses, phone numbers, treatment or provider details, IPs, and browser cookies exposed to Meta, Google...

Information allegedly exfiltrated by 8Base included invoices, receipts, personal and confidential data, accounting documents, employment contracts, confidential agreements, certificates, and other sensitive details.

Termite — which has already compromised seven victims, two of which are in the U.S. — was regarded by Cyble researchers to be a Babuk ransomware rebrand due to significant similarities between both strains' ransomware binaries.

We can anticipate a growing number of emerging vulnerabilities in the near future, emphasizing the need for an effective prioritization strategy.

The new administration wants fewer physical wars and more cyber ops – a policy aimed to counter the massive nation-state cyber campaigns of our adversaries.

While Sirius XM has allegedly engaged in the sharing of sensitive user data with unaffiliated third parties and other groups without notifying users and obtaining their consent, the MyRadar weather app, Miles travel rewards app, and Tapestri...

Under the proposed FCC rule, telecommunications entities would not only need to ensure their networks' defenses against "unlawful access and interception" but also be required to undergo yearly cybersecurity risk management plan certifications.

Such a crackdown on Manson Market — which commenced in late 2022 following a reported increase in fake phone calls spoofing bank employees — also resulted in the seizure of more than 50 of its servers containing over 200 TB of data, as well as the...

Nearly 150 employees of the financial entity have been compromised by Ogletree in a phishing campaign between October and November 2023 that sought to exfiltrate account credentials via company-spoofing phishing sites, the complaint alleged.

Intrusions leveraging CVE-2024-41713, which stems from insufficient input validation in MiCollab's NuPoint Unified Messaging component, could facilitate not only unauthenticated provisioning data access but also unauthenticated admin task execution...

Most severe of the vulnerabilities is the undocumented features inclusion issue, tracked as CVE-2024-52564, which could be exploited to facilitate remote firewall deactivation, device setting manipulation, and arbitrary OS command execution...

After compromising the Romanian Permanent Electoral Authority's IT infrastructure on Nov. 19, threat actors went on to expose the account credentials for several of the country's election sites while deploying persistent intrusions that sought to...