Szolgáltatóknak

MITRE has regarded cross-site scripting flaws as the most common and severe software vulnerabilities this year, followed by out-of-bounds write, SQL injection, cross-site request forgery, and path traversal issues.

Attacks involving Ghost Tap commence with the compromise of payment card data and one-time passwords for virtual wallets, which are then delivered by a relay server to money mules who could withdraw the funds without being easily detected, representing a marked improvement from the previously discovered NGate attacks that required ATM withdrawals for threat actors.

Intrusions by Liminal Panda, which had some components resembling those leveraged in LightBasin attacks, involved the utilization of the SIGTRANslator Linux ELF binary, network-scanning CordScan utility, and the PingPong backdoor, according to an analysis from CrowdStrike's Counter Adversary Operations team.

The future of cybersecurity isn't about preventing every breach — it's about learning and growing stronger with each attack.

We are excited to announce that Cisco is now publishing life cycle assessments (LCAs) for some of our hardware products.

When a cybersecurity incident occurs, it's not just IT systems and data that are at risk — a company's reputation is on the line, too.

Security Engineering Technical Leader Alice S. shares her experience representing her Native culture while supporting IỊisaġvik College and the Iñupiaq Alaska Native Tribe in the Arctic.

As cyber threats evolve, defending workloads in today’s multi-cloud environments requires more than traditional security. Attackers are no longer simply at the perimeter; they may already be inside, waiting to exploit vulnerabilities. This reality demands a shift from just keeping threats out to minimizing their impact when they breach. Cisco Secure Workload is at the […]

Google’s move will spur other providers to encourage MFA – and that’s a positive development for our industry.

CISA released seven Industrial Control Systems (ICS) advisories on November 21, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-326-01 Automated Logic WebCTRL Premium Server ICSA-24-326-02 OSCAT Basic Library ICSA-24-326-03 Schneider Electric Modicon M340, MC80, and Momentum Unity M1E ICSA-24-326-04 Schneider Electric Modicon M340, MC80, and Momentum Unity M1E ICSA-24-326-05 Schneider Electric EcoStruxure IT Gateway ICSA-24-326-06 Schneider Electric PowerLogic PM5300 Series ICSA-24-326-07 mySCADA myPRO Manager CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.