Biztonsági szemle

Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the...

By giving users specific feedback on recent attacks and offering interactive forums, companies can keep their staffs up-to-speed on the latest threats.

The threat group is disrupting healthcare organizations. Victims can help themselves, though, even after compromise, by being careful in the decryption process.

The Democratic National Convention soon to take place in Chicago, already under heavy security, faces an additional threat in the form of stolen credentials for delegates.

One of my hunting rules hit on potentially malicious PowerShell code. The file was an MSI package (not an MSIX, these are well-known to execute malicious scripts[ 1]). This file was a good old OLE package:

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

While there are smart people and good leaders in other fields, we need to cultivate and grow leaders from the existing cybersecurity workforce, too.

Palo Alto research found many open-source projects can be compromised through public artifacts.

Australia's Evolution Mining said its IT systems were infected with ransomware in an Aug. 8 cyber incident.

Microsoft Azure chatbots charged with handling personal medical data could be tricked into handing over personal data for hundreds of customers.

Attackers are already actively exploiting six of the bugs and four others are public, including one for which Microsoft has no patch yet.

In addition to Microsoft patches, Adobe also addressed 71 CVEs across its products.