Biztonsági szemle

Threat actors could potentially launch a software supply chain attack by exploiting a dependency confusion flaw impacting the archived Apache Cordova App Harness project, which had been discontinued five years ago, reports The Hacker News.

Operations at major medical diagnosis service provider Synlab Italia's laboratories, medical centers, and sampling points have been disrupted by a cyberattack on April 18, which initially temporarily interrupted telephone and computer access before...

This month the NTT Group combined the services of NTT Ltd. and NTT DATA to form NTT DATA, Inc., marking a significant milestone in the technology services industry and offering a deeper partnership between Cisco and NTT.

A state-sponsored hacking team employed a clever masquerade and elaborate back-end infrastructure as part of a five-year info-stealing campaign that compromised the US State and Treasury Departments, and hundreds of thousands of accounts overall.

Intrusions hijacking the eScan antivirus software's updating mechanism have been conducted by threat actors suspected to be linked to North Korean advanced persistent threat operation Kimsuky to facilitate the delivery of the sophisticated GuptiMiner...

North Korean state-sponsored advanced persistent threat operations Lazarus Group, Kimsuky, and Andariel were noted by South Korea's National Police Agency to have targeted several South Korean defense industry entities since late 2022 in a bid to...

Attacks increased by "only" 19% last year. But that number is expected to grow significently.

An exploit for the vulnerability allows unauthenticated attackers to escape a virtual file system sandbox to download system files and potentially achieve RCE.

Just like you should check the quality of the ingredients before you make a meal, it's critical to ensure the integrity of AI training data.

Today, Cisco released security updates to address ArcaneDoor—exploitation of Cisco Adaptive Security Appliances (ASA) devices and Cisco Firepower Threat Defense (FTD) software. A cyber threat actor could exploit vulnerabilities ( CVE-2024-20353, CVE...

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20353 Cisco ASA and FTD Denial of Service Vulnerability CVE-2024-20359 Cisco ASA and FTD Privilege Escalation...

AI presents great risks, but also promises many benefits – here’s how we can walk that tightrope safely.