Biztonsági szemle
2024. Aug. 2.
Biztonsági szemle
Attackers exploit StackExchange to load malicious packages to PyPI
Checkmarx researchers say the infostealer malware exfiltrated sensitive data and drained the crypto wallets of developers.
2024. Aug. 2.
Biztonsági szemle
Is the US Federal Government Increasing Cyber-Risk Through Monoculture?
In a monoculture, cybercriminals need to look for a weakness in only one product, or discover an exploitable vulnerability, to affect a significant portion of services.
2024. Aug. 2.
Biztonsági szemle
Remote SMB Security—Protect Your Business While Traveling
While summer is synonymous with vacations and relaxation, small and medium-sized business (SMB) owners cannot afford to let their cybersecurity take a break alongside their employees. Statistics show that 43% of cyberattacks target small businesses...
2024. Aug. 2.
Biztonsági szemle
Disney, Nike, IBM Signatures Anchor 3M Fake Emails a Day
A simple toggle in Proofpoint's email service allowed for brand impersonation at an industrial scale. It prompts the question: Are secure email gateways (SEGs) secure enough?
2024. Aug. 2.
Biztonsági szemle
Implementing Identity Continuity With the NIST Cybersecurity Framework
Having a robust identity continuity plan is not just beneficial but essential for avoiding financially costly and potentially brand-damaging outages.
2024. Aug. 2.
Biztonsági szemle
Third-Party Risk: Mitigation strategies
As partners, subcontractors, and hardware vendors enter the picture, network defenders need to reconsider what does and doesn’t constitute a threat.
2024. Aug. 2.
Biztonsági szemle
Inaugural Defense Department cyber policy head receives Senate nod
In his confirmation hearing for the assistant secretary of Defense for cyber policy post, Sulmeyer said that he would focus on strengthening U.S. digital forces' "combat power" and "sustained readiness" against increasingly sophisticated...
2024. Aug. 2.
Biztonsági szemle
Russian hackers part of US-Russia prisoner swap
NBC News reports that the U.S. has agreed to release convicted Russian hackers Vladimir Klyushin and Roman Seleznev, along with eight others, in exchange for Wall Street Journal reporter Evan Gershkovich and other American political prisoners held by...
2024. Aug. 2.
Biztonsági szemle
US, others commit to address data, privacy risks of connected cars
"The United States and like-minded nations will explore options for advancing affirmative cybersecurity standards and coordinating other possible policy measures to mitigate risks," said the U.S. State Department in a statement regarding the meeting...
2024. Aug. 2.
Biztonsági szemle
Massive CrowdStrike outage prompts class action
Despite repeatedly proclaiming the robustness of Falcon, CrowdStrike has not properly evaluated anti-threat updates prior to release leading to the widespread disruption, claimed the Massachusetts-based Plymouth County Retirement Association in its...
2024. Aug. 2.
Biztonsági szemle
GAO: Immediate EPA action in boosting water, wastewater sector cybersecurity needed
Aside from failing to perform risk assessments for the water and wastewater sector, the EPA has not also determined cybersecurity-related objectives, goals, activities, and performance measurements, as well as key roles and efforts coordination...
2024. Aug. 2.
Biztonsági szemle
Many VMware ESXi instances remain vulnerable to actively exploited bug
Despite the elevated detections, workarounds may have already been applied in some VMware ESXi instances, according to The Shadowserver Foundation.