Intro: Why hack in when you can log in? SaaS applications are the backbone of modern organizations, powering productivity and operational efficiency. But every new app introduces critical security risks through app integrations and multiple users, creating easy access points for threat actors. As a result, SaaS breaches have increased, and according to a May […]
Author Archives: Onsite Computing, Inc.
Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps masquerading as WhatsApp and Telegram that contain cryptocurrency clipper functionality as part of a campaign since June 2024. While using malware-laced apps to steal financial information is not a new phenomenon, the new findings from Russian antivirus vendor Doctor Web point […]
MITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could lead to widespread disruption across the global cybersecurity industry. […] Go to Source Author: Sergiu Gatlan
The U.S. government funding for non-profit research giant MITRE to operate and maintain its Common Vulnerabilities and Exposures (CVE) program will expire Wednesday, an unprecedented development that could shake up one of the foundational pillars of the global cybersecurity ecosystem. The 25-year-old CVE program is a valuable tool for vulnerability management, offering a de facto […]
ChatGPT 4.1 is now rolling out, and it’s a significant leap from GPT 4o, but it fails to beat the benchmark set by Google’s most powerful model, Gemini. […] Go to Source Author: Mayank Parmar
Russian state-sponsored espionage group Midnight Blizzard is behind a new spear-phishing campaign targeting diplomatic entities in Europe, including embassies. […] Go to Source Author: Bill Toulas
The remediated flaw gave adversaries a way to maintain access to the app through password resets. Go to Source Author: Jai Vijayan, Contributing Writer
Bad bots are becoming increasingly difficult to detect as they more easily mimic human behaviors and utilize evasion techniques, researchers say. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
Customer data such as birth dates, credit card numbers and driver’s license information were stolen when threat actors exploited zero-day vulnerabilities in Cleo-managed file transfer products. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
Landmark Admin has issued an update to its investigation of a cyberattack it suffered in May 2024, increasing the number of impacted individuals to 1.6 million. […] Go to Source Author: Bill Toulas