Incident, ki se je zgodil maja 2024, je bil eden največjih v zgodovini podjetja Dell, saj je razkril osebne podatke približno 49 milijonov strank. Kršitev podatkov je bila posledica izkoriščanja ranljivosti v API-ju partnerjevega portala, kar je razkrilo resne pomanjkljivosti v varnosti API-jev. V tej podrobni razlagi bomo raziskali, kaj se je zgodilo, kako je…
F5 Distributed Cloud WAAP (Web Application and API Protection) predstavlja celovito rešitev za obvladovanje specifičnih izzivov, ki jih prinaša NIS2 direktiva. Ta direktiva, ki se osredotoča na izboljšanje varnosti omrežij in informacijskih sistemov v Evropski uniji, postavlja visoke standarde za organizacije, ki delujejo v kritičnih sektorjih. F5 WAAP združuje več ključnih komponent, ki so kritične…
The Irish Data Protection Commission Initiates Inquiry into Google’s AI Model The Irish Data Protection Commission (DPC) has raised eyebrows by launching a formal investigation into Google’s essential artificial intelligence (AI) model. This inquiry aims to ascertain whether the tech giant has upheld data protection laws while handling the personal information of European users. Key…
Iraqi Government Networks Targeted by Iranian State-Sponsored Cyber Attacks Iraqi government networks are facing a wave of sophisticated cyber attacks orchestrated by an Iran-based threat actor known as OilRig. This state-sponsored group has set its sights on prominent Iraqi organizations, including the Prime Minister’s Office and the Ministry of Foreign Affairs. According to cybersecurity firm…
Unveiling the Q2 2024 Cato CTRL SASE Threat Report Cato CTRL (Cyber Threats Research Lab) recently dropped a bombshell in the cybersecurity realm with the release of its Q2 2024 Cato CTRL SASE Threat Report. This comprehensive report delves into the intricate analysis of a mind-boggling 1.38 trillion network flows extracted from over 2,500 of…
Enhancing Security with Mandatory Two-Factor Authentication on WordPress.org Introduction In an effort to bolster account security, WordPress.org has unveiled a new policy that will make two-factor authentication (2FA) mandatory for accounts with the authority to update plugins and themes, starting from October 1, 2024. The Significance of Two-Factor Authentication Two-factor authentication has become a crucial…
Evolution of Quad7 Botnet The Quad7 botnet operators are making waves in the cybersecurity world by constantly evolving their tactics. They are now targeting various brands of SOHO routers and VPN appliances, such as TP-LINK, Zyxel, Asus, Axentra, D-Link, and NETGEAR. This unsettling development was revealed in a recent report from Sekoia, a French cybersecurity…
The DragonRank Campaign: A Threat to SEO Security In a recent development, a coordinated cyberattack campaign has emerged, targeting various countries across Asia and Europe. This campaign focuses on manipulating search engine rankings through illicit means, posing a serious threat to the integrity of SEO practices. Codename: DragonRank Cisco Talos, a prominent cybersecurity firm, has…
The Singapore Police Force Cracks Down on Cyber Criminals The cybersecurity landscape is constantly evolving, and law enforcement agencies worldwide are always on the lookout for cybercriminals. Recently, the Singapore Police Force (SPF) made a significant breakthrough in their fight against cybercrime. Arrest of Six Individuals The SPF announced the arrest of five Chinese nationals…
The Promise and Perils of Passwordless Authentication In the realm of cybersecurity, the idea of passwordless authentication has been gaining momentum as a potential solution to the perennial problem of password management. The allure is undeniable: the thought of never having to remember another password is appealing to both end users and IT teams alike….