Szolgáltatóknak

Relying on EOL software leaves critical systems exposed — making it a problem no business can afford to ignore.

Discover how Cisco's "Bridging the Customer AI Readiness Gap" study highlights opportunities for partners to drive AI adoption and revenue growth. Learn about our AI Specialization program and join the Early Access Community.

Phishing authors have long ago discovered that adding HTML attachments to the messages they send out can have significant benefits for them – especially since an HTML file can contain an entire credential-stealing web page and does not need to reach out to the internet for any other reason than to send the credentials a victim puts in a login form to an attacker-controlled server[ 1]. Since this approach can be significantly more effective than just pointing recipients to a URL somewhere on the internet, the technique of sending out entire credential-stealing pages as attachments has become quite commonplace.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Ivanti products have given us a rich corpus of vulnerabilities in recent months (years). Of course, we do see occasional scans attempting to exploit them. Just today, I spotted two of them. None of them is particularly new, but a reminder to keep patching (or disabling):

Disconnected data hurts cybersecurity by preventing clear, real-time insights.

The networking company found liable for illegally gathering user data for targeted advertising by the Irish Data Protection Commission.

Bug bounties of up to $1 million are available for researchers who find flaws in the platform.

Amazon broke up a phishing operation that impersonated thousands of Amazon Web Service (AWS) domains.