Biztonsági szemle

Cyber spending requests should consider the recently issued critical infrastructure national security memorandum, according to a memo issued by Office of Management and Budget Director Shalanda Young and National Cyber Director Harry Coker Jr.

Officials at Clay County, Indiana, have submitted a local disaster declaration filing following a ransomware incident earlier this week that resulted in the disruption of its courthouse, corrections, and probation offices.

Information compromised in the incident, including names and other personal data, has not been misused by attackers, said ARRL in a filing with the Office of Maine's Attorney General.

Attackers have only obtained access to an archive of The Daily Signal website dating back to 2022 but not access to any of the think tank's systems, according to Heritage spokesperson Noah Weinrich.

Infiltration of systems enabled attackers to exfiltrate individuals' names, birthdates, Social Security numbers, and other government-issued ID numbers stored between April 14 and May 24.

Assessment of the leaked dataset revealed the compromise of millions of customer service tickets, some of which pertained to senior-ranking U.S. military officials.

All of the packages employed Intermediary Language Weaving to insert malicious code within a Portable Executable .NET binary.

FishXProxy bolsters the legitimacy of phishing sites by exploiting Cloudflare Workers and SSL certificates.

Operations of the Chinese state-sponsored threat group APT41 have been strengthened with the inclusion of the updated StealthVector malware loader variant dubbed "DodgeBox."

Attacks by CRYSTALRAY involved the utilization of several open-source software tools, including the Sliver post-exploitation toolkit.

On July 12, AT&T released a public statement on unauthorized access of customer data from a third-party cloud platform. AT&T also provided recommendations and resources for affected customers. CISA encourages customers to review the following AT&T...

Here are three ways security teams can automate security tests to better combat cyber threats.