Biztonsági szemle

CISA released two Industrial Control Systems (ICS) advisories on October 1, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-275-01 Optigo Networks ONS-S8 Spectra...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Optigo Networks Equipment: ONS-S8 - Spectra Aggregation Switch Vulnerabilities: Improper Control of Filename for Include/Require Statement in PHP...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-F FX5-OPC Vulnerability: NULL Pointer Dereference 2. RISK EVALUATION Successful exploitation of this...

Today, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC)—in partnership with CISA, U.S. government and international partners—released the guide Principles of Operational Technology Cybersecurity. This guidance...

By planting agents inside code running in production, a new generation of application security tools make it possible to get better at detecting hidden threats that lurk in the application layer.

Let’s not waste almost two years holding hearings while China continues its attacks – increase the cyber budget and get to work.

Passwords are a problem and it’s hard to make a good one. So what can you do? Make them long, make them random, and maybe use a password manager.

Hacktivism-related DDoS attacks have risen 70% in the region, most often targeting the public sector, while stolen data and access offers dominate the Dark Web.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Despite its good intentions, many experts said the bill took a flawed approach to regulating AI safety.

Critics viewed the bill as seeking protections against nonrealistic "doomsday" fears, but most stakeholders agree that oversight is needed in the GenAI space.

A team of security researchers discovered a vulnerability that allows for Kia cars to be remotely compromised with nothing more than a license plate number.