Biztonsági szemle

Such a development comes less than a week after the confirmed exploitation of the high-severity operating system command injection bug in CSA, tracked as CVE-2024-8190, which was believed to have been used alongside another vulnerability due to its...

Aside from leveraging spear-phishing emails, Earth Baxia also exploited the recently addressed critical GeoServer GeoTools flaw, tracked as CVE-2024-36401.

Look for large state governments like New York to lead the way in addressing many of healthcare’s cybersecurity issues, not Congress.

While going over a batch of phishing e-mails that were delivered to us here at the Internet Storm Center during the first half of September, I noticed one message which was somewhat unusual. Not because it was untypically sophisticated or because it...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The APT group uses spear-phishing and a vulnerability in a geospatial data-sharing server to compromise organizations in Taiwan, Japan, the Philippines, and South Korea.

The Ukrainian government banned the Russian-owned Telegram app for official communications.

The FOCAL plan outlines baselines to synchronize cybersecurity priorities and policies across, as well as within, agencies.

The critical bug, CVE-2024-8963, can be used in conjunction with the prior known flaw to achieve remote code execution (RCE).

A North Korean advanced persistent threat (APT) actor (aka Gleaming Pisces) tried to sneak simple backdoors into public software packages.

The program seeks to adapt frameworks such as the NIST Cybersecurity Framework to address AI use.