Biztonsági szemle

Even though there has been no clear evidence indicating ongoing active exploitation of CVE-2012-4792, the vulnerability, which could enable remote execution of arbitrary code, had been leveraged in watering hole attacks deployed against Capstone...

Infiltration of Michigan Medicine's employee email accounts on May 23 and 29 enabled the exfiltration of individuals' names, birthdates, addresses, medical record numbers, diagnostic and treatment details, and health insurance information, as well as...

While the exfiltrated data was claimed to contain two million records of users linked to firms leveraging Bullhorn, such information was noted by Bullhorn to have been obtained from a third party that integrated with the firm and has not impacted its...

While IPC Template Instances delivered to the Falcon sensor via Rapid Response Content updates between March and April were thoroughly examined by CrowdStrike's Content Validator, one of the two other IPC Template Instances pushing the identification...

This World Nature Conservation Day, we invite you to learn more about the impactful work that some of our nonprofit partners are doing in this area.

Such a security issue — which stems from the background creation of a Cloud Build service account and its default connection to a Cloud Build instance following Cloud Function creation or updating — could be leveraged by attackers to infiltrate other...

Stargazer Goblin used such GitHub Ghost accounts to establish the legitimacy of hundreds of repositories touted to be for social media, gaming, and cryptocurrency, according to a Check Point Research report.

"While there were significant outages, disruption and loss of business, and an overall lack of system resilience, I am very encouraged overall by how everyone responded."

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Positron S.R.L Equipment: Broadcast Signal Processor TRA7005 Vulnerability: Authentication Bypass Using an...

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI)—released a joint Cybersecurity Advisory, North Korea State-Sponsored Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs. The...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see  Siemens' ProductCERT...