An upgraded cybercrime tool is designed to make targeted ransomware attacks as easy and effective as possible, with features like EDR-spotting and DNS-based C2 communication. Go to Source Author: Nate Nelson, Contributing Writer
Author Archives: Onsite Computing, Inc.
Luxury fashion giant Louis Vuitton confirmed that breaches impacting customers in the UK, South Korea, and Turkey stem from the same security incident, which is believed to be linked to the ShinyHunters extortion group. […] Go to Source Author: Lawrence Abrams
A group of female cybersecurity pioneers will share what they’ve learned about navigating a field dominated by men, in order to help other women empower themselves and pursue successful cybersecurity careers. Go to Source Author: Elizabeth Montalbano, Contributing Writer
Cybersecurity researchers have flagged a new variant of a known malware loader called Matanbuchus that packs in significant features to enhance its stealth and evade detection. Matanbuchus is the name given to a malware-as-a-service (MaaS) offering that can act as a conduit for next-stage payloads, including Cobalt Strike beacons and ransomware. First advertised in February […]
To quash speculation of a cyberattack or BGP hijack incident causing the recent 1.1.1.1 Resolver service outage, Cloudflare explains in a post mortem that the incident was caused by an internal misconfiguration. […] Go to Source Author: Bill Toulas
A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies the boot process of fully-patched but no longer supported SonicWall Secure Mobile Access appliances. […] Go to Source Author: Ionut Ilascu
Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public exploits for a recently patched remote code execution (RCE) flaw tracked as CVE-2025-25257. […] Go to Source Author: Bill Toulas
An international law enforcement operation dubbed “Operation Eastwood” has targeted the infrastructure of the pro-Russian hacktivist group NoName057(16), responsible for distributed denial-of-service (DDoS) attacks across Europe and the US. […] Go to Source Author: Lawrence Abrams
A threat activity cluster has been observed targeting fully-patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances as part of a campaign designed to drop a backdoor called OVERSTEP. The malicious activity, dating back to at least October 2024, has been attributed by the Google Threat Intelligence Group (GTIG) to a group it tracks […]