Biztonsági szemle

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-50623 Cleo Multiple Products Unrestricted File Upload Vulnerability These types of vulnerabilities are frequent...

A 2024. 50. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2024.12.06. és 2024.12.12. között kezelt incidensek statisztikai adatait is tartalmazza.

A sophisticated social engineering cybercrime campaign bent on financial gain was observed being run from Tencent servers in Singapore.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

More than 90% of survey respondents reported taking measures to counter AI-enhanced attacks.

The retail chain said that normal activity was not affected in its SEC filing on the incident.

Under the program, HITRUST-certified organizations gain access to exclusive coverage and rates.

Addressing integration challenges in identity management is essential for businesses to thrive in today’s interconnected world. By focusing on automation, standardization, and centralized management, security teams can not only enhance operational...

Open source Prometheus servers and exporters are leaking plaintext passwords and tokens, along with API addresses of internal locations.

Law enforcement across mainland China have been using EagleMsgSpy surveillance tool to collect mobile device data since at least 2017, new research shows.

Researchers demonstrate how to hack Ruijie Reyee access points without Wi-Fi credentials or even physical access to the device.