Biztonsági szemle

The stolen firewall data is thorough but more than 2 years old now, meaning that most organizations following even basic security practices face minimal risk, hopefully.

The cyber actor played a role in the Treasury breach as well as attacks on critical infrastructure, linked to China-backed advanced persistent threat (APT) group Salt Typhoon.

As LLMs broaden access to hacking and diversify attack strategies, understanding the thought processes behind these innovations will be vital for bolstering IT defenses.

The U.S. has continued its crackdown against North Korean IT worker scams with sanctions against the country's government weapons trading office Department 53 and its Laos-based front companies Korea Osong Shipping and Chonsurim Trading Corporation...

Included in the data exposed by the server were personally identifiable information, job application forms, Security Industry Authority cards, payroll details, TrustID validated documents, and invoices from up to two decades ago, according to...

Infiltration of Wolf Haldenstein's systems facilitated the compromise of individuals' full names, Social Security numbers, employee identification numbers, medical diagnoses, and medical claim details, none of which has been misused so far, said the...

While major German manufacturer Covestro confirmed having its U.S. logistics server's data impacted by the Clop hack, leading U.S. car rental firm Hertz, Western Alliance Bank, and Arrow Electronics disclosed the lack of any evidence suggesting that...

All FBI devices leveraging the agency's AT&T public safety service were noted by a document and officials close to the matter to have been impacted by the incident, which was previously reported to have compromised nearly 109 million customers' call...

Included in the exposed firewall data are IP addresses, passwords, and configuration files, said Belsen Group in its post on the hacking forum.

Both campaigns involved the distribution of malicious emails purporting to be invoices, purchase orders, or quotation requests with attachments, which when opened triggers a PowerShell script fetching the trojanized image and executing a .NET-based...

Malicious emails under the guise of a U.S. government official sought to lure individuals part of the government and diplomacy sectors into joining a WhatsApp group on non-governmental initiatives for Ukraine NGOs through a shortened link that...

Aside from subjecting government IT contractors to minimum cybersecurity standards, Biden's EO also broadens sanctions against foreign cyber adversaries, mandates new cryptographic standards for federal agencies, orders the development of artificial...