Biztonsági szemle

Threat actors leveraged search results for the query 'Are Bengal Cats legal in Australia?' which when clicked enabled the download of a malicious ZIP archive installing the GootKit information-stealing payload and remote access trojan, according to a...

Numerous systems have been initially targeted with the RustyStealer credential-harvesting tool to facilitate high-privilege account compromise and lateral movement prior to the execution of SystemBC malware-related scripts and exfiltration of data...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Microsoft has delivered a bounty of patches this November in its latest edition of Patch Tuesday.

The November 2024 Patch Tuesday update contains a substantially high percentage of remote code execution (RCE) vulnerabilities (including a critical issue in Windows Kerberos), and two other zero-day bugs that have been previously disclosed and could...

The data leak was not actually due to a breach in Amazon's systems but rather that of a third-party vendor; the supply chain incident affected several other clients as well.

Reportedly 2.8 million Amazon records alone were exposed.

The essays are to focus on the impact that artificial intelligence will have on European policy.

Learn more about why the Cisco Foundation invested in Carbon Reform, a startup with solutions that address both indoor air quality and energy efficiency, through its Regenerative Future Fund.

Adaptive Shield is the third security posture management provider the company has acquired in the last 14 months as identity-based attacks continue to rise.

This month, Microsoft is addressing a total of 83 vulnerabilities. Among these, 3 are classified as critical, 2 have been exploited in the wild, and another 2 have been disclosed prior to Patch Tuesday. Organizations are encouraged to prioritize...

Marketed on a cybercriminal forum, the $700 tool harvests email addresses from public GitHub profiles, priming cyberattackers for further credential theft, malware delivery, OAuth subversion, supply chain attacks, and other corporate breaches.