Biztonsági szemle

Infiltration of systems enabled attackers to exfiltrate individuals' names, birthdates, Social Security numbers, and other government-issued ID numbers stored between April 14 and May 24.

Assessment of the leaked dataset revealed the compromise of millions of customer service tickets, some of which pertained to senior-ranking U.S. military officials.

All of the packages employed Intermediary Language Weaving to insert malicious code within a Portable Executable .NET binary.

FishXProxy bolsters the legitimacy of phishing sites by exploiting Cloudflare Workers and SSL certificates.

Operations of the Chinese state-sponsored threat group APT41 have been strengthened with the inclusion of the updated StealthVector malware loader variant dubbed "DodgeBox."

Attacks by CRYSTALRAY involved the utilization of several open-source software tools, including the Sliver post-exploitation toolkit.

On July 12, AT&T released a public statement on unauthorized access of customer data from a third-party cloud platform. AT&T also provided recommendations and resources for affected customers. CISA encourages customers to review the following AT&T...

Here are three ways security teams can automate security tests to better combat cyber threats.

A 2024. 28. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2024.07.05. és 2024.07.11. között kezelt incidensek statisztikai adatait is tartalmazza.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The gang's time from initial access to draining data out of a Veeam server is shockingly fast; after which the attackers went on to deploy actual ransomware in less than a day.