Biztonsági szemle

Ransomware operation HelloKitty has coincided its rebranding to HelloGookie with the publication of internal Cisco network data exfiltrated from a 2022 attack, exfiltrated source code for several CD Projekt Red games from a 2021 attack, and four...

Intrusions with the Waterbear backdoor and its updated variant dubbed "Deuterbear" have been deployed by China-linked threat operation BlackTech — also known as Earth Hundun, Manga Taurus, Circuit Panda, Temp.Overboard, Palmerwom, Red Djinn, and...

Vulnerable CrushFTP file transfer server software instances impacted by a critical virtual file system escape zero-day have been subjected to ongoing targeted attacks that could enable the download of system files, Security Affairs reports.

BleepingComputer reports that ongoing attacks exploiting the critical Palo Alto Networks PAN-OS command injection flaw, tracked as CVE-2024-3400, could still compromise nearly 22,500 Palo Alto GlobalProtect firewall instances around the world despite...

Discover the four steps to transforming your agency's technical debt to speed modernization and enhance mission innovation.

The industry has talked about BIAs for years – and most providers still lean on cyber insurance in the wake of attack. That has to change.

It has been nearly three years since we last looked at the number of industrial devices (or, rather, devices that communicate with common OT protocols, such as Modbus/TCP, BACnet, etc.) that are accessible from the internet[ 1]. Back in May of 2021...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

SecOps highlights this week include the executive role in "cyber readiness;" Cisco's Hypershield promise; and Middle East cyber ops heat up.

Hackers claim to have obtained the records by breaching a third party with access to the database.