Biztonsági szemle

Permiso Security announced Cloud Console Cartographer during Black Hat Asia to help defenders look inside Amazon Web Services events logs for signs of cyberattacks.

The NVD (National Vulnerability Database) announcement page ( https://nvd.nist.gov/general/news/nvd-program-transition-announcement) indicates a growing backlog of vulnerabilities that are causing delays in their process.

Caller ID spoofing and AI voice deepfakes are supercharging phone scams. Fortunately, we have tools that help organizations and people protect themselves against the devious combination.

Modern networks teem with machine accounts tasked with simple automated tasks yet given too many privileges and left unmonitored. Resolve that situation and you close an attack vector.

While a longstanding method, the scale and systematic execution of the attacks signify an escalation, security pros said.

"Kapeka" and "Fuxnet" are the latest examples of malware to emerge from the long-standing conflict between the two countries.

Attackers exploited a critical vulnerability to create a new administrator account.

Once attackers have control over a workload in the cluster, they can leverage access for lateral movement both inside the cluster and to external resources.

Users will need to download the latest version of Ivanti's Avalanche to apply fixes for all of the bugs.

The U.S. Department of Justice announced that former Amazon security engineer Shakeeb Ahmed was given a three-year prison sentence after exfiltrating more than $12.3 million from two decentralized finance cryptocurrency exchanges hacked in July 2022...