The threat actor known as Rare Werewolf (formerly Rare Wolf) has been linked to a series of cyber attacks targeting Russia and the Commonwealth of Independent States (CIS) countries. “A distinctive feature of this threat is that the attackers favor using legitimate third-party software over developing their own malicious binaries,” Kaspersky said. “The malicious functionality […]
Author Archives: Onsite Computing, Inc.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two critical security flaws impacting Erlang/Open Telecom Platform (OTP) SSH and Roundcube to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are listed below – CVE-2025-32433 (CVSS score: 10.0) – A missing authentication for a critical […]
The Arkana Security extortion gang briefly listed over the weekend what appeared to be newly stolen Ticketmaster data but is instead the data stolen during the 2024 Snowflake data theft attacks. […] Go to Source Author: Lawrence Abrams
The White House put limits on cyber sanctions, killed the digital ID program, and refocused the government’s cyber activities to enabling AI, rolling out post-quantum cryptography, and promoting secure software design. Go to Source Author: Becky Bracken
The White House put limits on cyber sanctions, killed the digital ID program, and refocused the government’s cyber activities to enabling AI, rolling out post-quantum cryptography, and promoting secure software design. Go to Source Author: Becky Bracken
The AI company’s investigative team found that many accounts were using the program to engage in malicious activity around the world, such as employment schemes, social engineering, and cyber espionage. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
Since at least December, the advanced persistent threat (APT) group has been using legit tools to steal data, dodge detection, and drop cryptominers on systems belonging to organizations in Russia. Go to Source Author: Jai Vijayan, Contributing Writer
During the opening keynote at Gartner Security & Risk Management Summit 2025, analysts weighed in on how CISOs and security teams can use security fervor around AI and other tech to the betterment of their security posture. Go to Source Author: Alexander Culafi, Senior News Writer, Dark Reading
Over 84,000 instances of the Roundcube webmail software are vulnerable to CVE-2025-49113, a critical remote code execution (RCE) vulnerability with a publicly available exploit. […] Go to Source Author: Bill Toulas
A vulnerability allowed researchers to brute-force any Google account’s recovery phone number simply by knowing a their profile name and an easily retrieved partial phone number, creating a massive risk for phishing and SIM-swapping attacks. […] Go to Source Author: Bill Toulas