Biztonsági szemle

Intrusions with the malicious payload, which compromises cryptocurrency wallet addresses by intercepting clipboard data, peaked in late August, according to a new advisory from Binance, which noted clipper malware distribution via unofficial Android...

While most of the scams involved spearphishing attacks spreading the Atomic macOS Stealer via malicious Zoom meeting client builds, Marko Polo also impersonated productivity software, blockchain-based projects, and online games to facilitate...

Aside from containing vehicle owners' names, birthdates, and phone numbers, such an Elasticsearch cluster also featured vehicle production dates, chassis and engine numbers, and other records with a "special needs" designation, according to Cybernews...

Almost 35,000 brute-force attempts have been conducted by threat actors against a single host's Microsoft SQL Server leveraged by the accounting software for database operations, according to researchers from Huntress.

While information in the stolen database, which has been peddled on BreachForums, was purported to include customers' full names, birthdates, gender, usernames and IDs, hashed passwords, phone numbers, shipping addresses, and IP addresses, Temu...

After installing dependencies and upgrading .NET to version 8, ransomware gangs leveraged several Azure Storage Explorer instances to accelerate uploads of stolen files to Azure Blob storage before being transferred to their storage, according to a...

Learn why Cisco Routed Optical Networking has been deployed by more than 200 customers who have increased capacity, reduced energy consumption, and lowered network costs complexity, and footprint.

Can cyber defenders use the presence of infostealers as a canary in the coal mine to preempt ransomware attacks?

Apple released security updates to address vulnerabilities in multiple Apple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the...

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-27348 Apache HugeGraph-Server Improper Access Control Vulnerability CVE-2020-0618 Microsoft SQL Server...

A few months ago, I wrote a diary[ 1] about a Python script that replaced the Exodus[ 2] Wallet app with a rogue one on macOS. Infostealers are everywhere these days. They target mainly browsers (cookies, credentials) and classic applications that...