Biztonsági szemle

Fraudulent crypto token trades have allegedly been conducted by the indicted firms and individuals to lure more investors, according to the Justice Department, which noted the sequestration of over $25 million worth of cryptocurrency and several wash...

Investigation into the incident revealed the exfiltration of personal data from Casio and its affiliates' permanent and temporary employees, business partners, customers, and interviewed prospects for employment, as well as contracts with business...

Aside from the names and contact information of 2,606 Game Freak employees and contractors, such data exposure also revealed internal files, concept art, and other development documents from over 25 years ago, including designs from Pokemon Black and...

After injecting PowerShell commands in a vulnerable web server, OilRig proceeds to leverage CVE-2024-30088 to facilitate password filter DLL registration for plaintext credential capturing, 'ngrok' utility installation for covert communications, and...

Organizations have been warned by the Cybersecurity and Infrastructure Security Agency about ongoing attacks exploiting unencrypted F5 BIG-IP Local Traffic Manager module-managed persistence cookies to discover other devices within the targeted...

Major U.S. telecommunications firms AT&T, Verizon, and Lumen Technologies have been urged by House Energy and Commerce Committee leaders to provide more information on their response to Chinese state-backed threat operation Salt Typhoon's successful...

Cisco has been helping government agencies address their unique security and compliance challenges for decades. We continue to progress with FedRAMP.

The new Catalyst ESS9300 Embedded Series switch sets a new standard in military communications by adopting SOSA, CMOSS, and OpenVPX architectures.

I receive a lot of spam in my catch-all mailboxes. If most of them are not interesting, some still attract my attention. Especially the one that I'll describe in this diary. The scenario is classic, an important document is pending delivery...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Wireshark release 4.4.1 fixes 2 vulnerabilities and 27 bugs. One of these bugfixes is for the missing IP address plugin on Windows, see " Wireshark 4.4's IP Address Functions".

Companies are putting "AI" in just about all of their products, which opens up new security holes. LLM SecOps and ML SecOps are becoming must-have skills.