Biztonsági szemle
2024. Ápr. 29.
Biztonsági szemle
D-Link NAS Device Backdoor Abused, (Mon, Apr 29th)
End of March, NetworkSecurityFish disclosed a vulnerability in various D-Link NAS devices [1]. The vulnerability allows access to the device using the user "messagebus" without credentials. The sample URL used by the PoC was:
2024. Ápr. 29.
Biztonsági szemle
Misconfiguration exposes Empire Distribution data
U.S. independent record label Empire Distribution, which has worked with Kendrick Lamar, Snoop Dogg, and 50 Cent, had its sensitive data exposed as a result of an environment file misconfiguration, Cybernews reports.
2024. Ápr. 29.
Biztonsági szemle
California state welfare platform hack impacts over 19K accounts
Officials at the California Statewide Automated Welfare System disclosed that over 19,000 accounts in the state's BenefitsCal welfare program portal were compromised for almost a year, reports The Record, a news site by cybersecurity firm Recorded...
2024. Ápr. 29.
Biztonsági szemle
Malware deployed via job interview-spoofing NPM packages
Attacks deploying a malicious Python backdoor via fraudulent NPM packages spoofing as job interviews have been targeted at software developers by suspected North Korea-linked threat actors as part of the ongoing DEV#POPPER social engineering campaign...
2024. Ápr. 29.
Biztonsági szemle
Belarus security agency allegedly subjected to hacktivist attack
Belarus had its primary KGB security agency's network claimed to have been compromised by the Belarusian Cyber-Partisans hacktivist operation, resulting in the theft of data belonging to more than 8,600 KGB employees, The Associated Press reports.
2024. Ápr. 29.
Biztonsági szemle
Old Microsoft Office bug leveraged to compromise Ukraine
Ukraine had its systems subjected to attacks involving the exploitation of an almost seven-year-old Microsoft Office remote code execution vulnerability, tracked as CVE-2017-8570, to facilitate Cobalt Strike deployment late last year, reports The...
2024. Ápr. 29.
Biztonsági szemle
Comply-to-Connect and Cisco ISE: Revolutionizing the Department of Defense
Comply-to-Connect and Cisco ISE are better together! Discover how they're revolutionizing the Department of Defense.
2024. Ápr. 29.
Biztonsági szemle
Ten years of Heartbleed: Lessons learned
A look back at the Heartbleed bug and measuring its’ legacy, impact and how some view one of cybersecurity’s biggest headaches as an important learning moment.
2024. Ápr. 29.
Biztonsági szemle
What to know about each stage of the CISO maturation cycle
Here’s a blueprint on the skills and types of people needed for the CISO role as the company evolves.
2024. Ápr. 29.
Biztonsági szemle
ISC Stormcast For Monday, April 29th, 2024 https://isc.sans.edu/podcastdetail/8958, (Mon, Apr 29th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2024. Ápr. 27.
Biztonsági szemle
Tracking Energy Consumption at the Cisco Store
Follow along with the Cisco Store as we baseline our energy consumption in a conscious effort to boost sustainable practices!
2024. Ápr. 26.
Biztonsági szemle