An Active! Mail zero-day remote code execution vulnerability is actively exploited in attacks on large organizations in Japan. […] Author: Bill Toulas
Author Archives: Onsite Computing, Inc.
The Texas municipality is following its incident response playbook as it works with a third party to investigate the scope and scale of the attack. Author: Kristina Beek, Associate Editor, Dark Reading
Dialysis firm DaVita, Wisconsin-based Bell Ambulance, and Alabama Ophthalmology Associates all suffered apparent or confirmed ransomware attacks this month. Author: Alexander Culafi, Senior News Writer, Dark Reading
A hacking group dubbed ‘Elusive Comet’ targets cryptocurrency users in social engineering attacks that exploit Zoom’s remote control feature to trick users into granting them access to their machines. […] Author: Bill Toulas
Microsoft has released the optional KB5055612 preview cumulative update for Windows 10 22H2 with two changes, including a fix for a GPU paravirtualization bug in Windows Subsystem for Linux 2 (WSL2). […] Author: Lawrence Abrams
South Korea’s largest mobile operator, SK Telecom, is warning that a malware infection allowed threat actors to access sensitive USIM-related information for customers. […] Author: Bill Toulas
A proof-of-concept (PoC) attack vector exploits two Azure authentication tokens from within a browser, giving threat actors persistent access to key cloud services, including Microsoft 365 applications. Author: Elizabeth Montalbano, Contributing Writer
Cybersecurity researchers have detailed a malware campaign that’s targeting Docker environments with a previously undocumented technique to mine cryptocurrency. The activity cluster, per Darktrace and Cado Security, represents a shift from other cryptojacking campaigns that directly deploy miners like XMRig to illicitly profit off the compute resources. This involves deploying a malware strain […]
The recommended Ripple cryptocurrency NPM JavaScript library named “xrpl.js” was compromised to steal XRP wallet seeds and private keys and transfer them to an attacker-controlled server, allowing threat actors to steal all the funds stored in the wallets. […] Author: Lawrence Abrams
A proof-of-concept attack called “Cookie-Bite” uses a browser extension to steal browser session cookies from Azure Entra ID to bypass multi-factor authentication (MFA) protections and maintain access to cloud services like Microsoft 365, Outlook, and Teams. […] Author: Bill Toulas
