Biztonsági szemle
2025. Jan. 6.
Biztonsági szemle
Will AI Code Generators Overcome Their Insecurities This Year?
In just two years, LLMs have become standard for developers — and non-developers — to generate code, but companies still need to improve security processes to reduce software vulnerabilities.
2025. Jan. 6.
Biztonsági szemle
Windows LDAP vulnerability gains POC exploit
The compromise commences with the delivery of a CLDAP referral response packet to disrupt the Local Security Authority Subsystem Service before the subsequent sending of a DCE/RPC request to the targeted machine and the eventual designation of the...
2025. Jan. 6.
Biztonsági szemle
Crypto phishing losses surged in 2024
Wallet drainer attack activity was particularly elevated during the first three months of 2024, with the loss of $55.4 million worth of cryptocurrency in the year's biggest heist bringing stolen proceeds to $187 million, according to a study from...
2025. Jan. 6.
Biztonsági szemle
High-severity Nuclei signature verification bypass issue examined
Such a flaw stems from Nuclei's template signature verification process, with the simultaneous usage of regular expressions, or regex, and YAML parser potentially resulting in the introduction of a "\r" character read as a line break and leading to...
2025. Jan. 6.
Biztonsági szemle
Misconfigurations expose MyGiftCardSupply, Roomster customer data
Misconfigurations in MyGiftCardSupply's Microsoft Azure Cloud instance leaked nearly 200,000 customers' selfie pictures and more than 600,000 identity document images, the most recent of which was from New Year's Eve, according to security researcher...
2025. Jan. 6.
Biztonsági szemle
Over 670K impacted by Richmond University Medical Center ransomware attack
Infiltration of the hospital's network earlier that month resulted in the compromise of files, one of which had individuals' names, birthdates, Social Security numbers, state ID or driver's license numbers, biometric details, financial account data...
2025. Jan. 6.
Biztonsági szemle
Atos confirms third-party breach but rejects direct Space Bears compromise
"Atos understands that external third-party infrastructure, unconnected to Atos, has been compromised by the group Space Bears. This infrastructure contained data mentioning the Atos company name, but is not managed nor secured by Atos," said the...
2025. Jan. 6.
Biztonsági szemle
Novel PLAYFULGHOST infostealer emerges
Malicious emails using code of conduct-related lures deceive targets into opening an image file-spoofing RAR archive that deploys a Windows executable that runs PLAYFULGHOST.
2025. Jan. 6.
Biztonsági szemle
Identity Security in 2025: Defending against AI-driven cyberthreats and machine identity exploits
As AI, machine identities, and identity-based attacks surge, cybersecurity experts reveal strategies to protect sensitive data and maintain digital trust.
2025. Jan. 6.
Biztonsági szemle
Make Malware Happy, (Mon, Jan 6th)
When I teach FOR610[ 1], I like to use a funny quotation with my students: âMake malware happy!â What does it mean? Yes, we like malware, and we need to treat it in a friendly way. To help the malware work or detonate successfully, it's...
2025. Jan. 6.
Biztonsági szemle
ISC Stormcast For Monday, January 6th, 2025 https://isc.sans.edu/podcastdetail/9266, (Mon, Jan 6th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.