Biztonsági szemle

Inadequate protection of the .env files used for web app configuration variable definitions has enabled the compromise of AWS Identity and Access Management and eventual cloud environment access, according to an analysis from Palo Alto Networks.

AI jailbreaks are not vulnerabilities; they are expected behavior.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-23897 Jenkins Command Line Interface (CLI) Path Traversal Vulnerability These types of vulnerabilities are...

Here’s an overview of the latest phishing attacks found by researchers – and three tips for mitigating them.

I found a tiny .bat file that looked not suspicious at all: 3650.bat (SHA256:bca5c30a413db21f2f85d7297cf3a9d8cedfd662c77aacee49e821c8b7749290) with a very low VirusTotal score (2/65)[ 1]. The file is very simple, it invokes a PowerShell:

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Critics said the bill, meant to prevent mass AI-related casualties and cyberattacks, will crush AI open-source and innovation.

Administrators ready to take an early weekend have been served with what might be the scariest three words in IT: Critical SolarWinds Vulnerability.

Learn more about advanced technologies in mining that are actively contributing to reaching goals in the global sustainability agenda.

The last known cyberattack waged against Iranian infrastructure took place last December with the blame placed on Israel and the US.