Biztonsági szemle
2025. Dec. 11.
Biztonsági szemle
Using AI Gemma 3 Locally with a Single CPU , (Wed, Dec 10th)
Several months ago, I got a Nucbox K8 Plus minicomputer to use as a Proxmox 9 server. At the time of this acquisition, I didn't realize this minicomputer had an artificial intelligence (AI) engine [ 1] build in the CPU that could be used to...
2025. Dec. 11.
Biztonsági szemle
ISC Stormcast For Thursday, December 11th, 2025 https://isc.sans.edu/podcastdetail/9734, (Thu, Dec 11th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2025. Dec. 10.
Biztonsági szemle
Storm-0249 Abuses EDR Processes in Stealthy Attacks
The initial access broker has been weaponizing endpoint detection and response (EDR) platforms and Windows utilities in recent high-precision attacks.
2025. Dec. 10.
Biztonsági szemle
ClickFix Style Attack Uses Grok, ChatGPT for Malware Delivery
A new twist on the social engineering tactic is making waves, combining SEO poisoning and legitimate AI domains to install malware on victims' computers.
2025. Dec. 10.
Biztonsági szemle
Possible exploit variant for CVE-2024-9042 (Kubernetes OS Command Injection), (Wed, Dec 10th)
Last year, Kubernetes fixed a command injection vulnerability in the Kubernetes NodeLogQuery feature (%%cve:2024-9042%%) [1]. To exploit the vulnerability, several conditions had to be met:
2025. Dec. 10.
Biztonsági szemle
Feds: Pro-Russia Hactivists Target US Critical Infrastructure
So far the attacks, which compromise virtual network computing (VNC) connections in OT systems, have not been particularly destructive, but this could change as they evolve.
2025. Dec. 10.
Biztonsági szemle
ISC Stormcast For Wednesday, December 10th, 2025 https://isc.sans.edu/podcastdetail/9732, (Wed, Dec 10th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2025. Dec. 10.
Biztonsági szemle
Japanese Firms Suffer Long Tail of Ransomware Damage
Ransomware actors have targeted manufacturers, retailers, and the Japanese government, with many organizations requiring months to recover.
2025. Dec. 9.
Biztonsági szemle
Microsoft Fixes Exploited Zero Day in Light Patch Tuesday
Proof-of-concept exploit code is publicly available for two other flaws in this month's Patch Tuesday. In total, the company issued patches for more than 1,150 flaws this year.
2025. Dec. 9.
Biztonsági szemle
Focus Group and Mitchells & Butlers: Raising the Bar for Digital Transformation in Hospitality
Cisco, Focus Group, and Mitchells & Butlers collaborated on a £17M digital transformation across 1,700 UK venues, deploying Wi-Fi 7, SD-WAN, and security solutions to modernize hospitality infrastructure and enhance guest experiences.
2025. Dec. 9.
Biztonsági szemle
Microsoft Patch Tuesday December 2025, (Tue, Dec 9th)
This release addresses 57 vulnerabilities. 3 of these vulnerabilities are rated critical. One vulnerability was already exploited, and two were publicly disclosed before the patch was released.
2025. Dec. 9.
Biztonsági szemle
Packer-as-a-Service Shanya Hides Ransomware, Kills EDR
Shanya is the latest in an emerging field of packing malware, selling obfuscation functionality in order to help ransomware actors reach their target.