Researchers discovered an attack chain that uses several layers of obfuscated batch files and PowerShell scripts to deliver an advanced and persistent rootkit. Go to Source Author: Rob Wright
Author Archives: Onsite Computing, Inc.
Medusa developers have been targeting a wide variety of critical infrastructure sectors, from healthcare and technology to manufacturing and insurance, racking up its victim count as it seemingly adds to its numbers of affiliates. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
Microsoft has reinstated the ‘Material Theme – Free’ and ‘Material Theme Icons – Free’ extensions on the Visual Studio Marketplace after finding that the obfuscated code they contained wasn’t actually malicious. […] Go to Source Author: Bill Toulas
A new ransomware operator named ‘Mora_001’ is exploiting two Fortinet vulnerabilities to gain unauthorized access to firewall appliances and deploy a custom ransomware strain dubbed SuperBlack. […] Go to Source Author: Bill Toulas
Microsoft is now testing an AI-powered text summarization feature in Notepad and a Snipping Tool “Draw & Hold” feature that helps draw perfect shapes. […] Go to Source Author: Sergiu Gatlan
Microsoft is investigating a known issue that causes the new Outlook email client to crash when users click the “Go to classic Outlook” button, which should help them switch back to the classic Outlook. […] Go to Source Author: Sergiu Gatlan
Juniper Networks has released emergency security updates to patch a Junos OS vulnerability exploited by Chinese hackers to backdoor routers for stealthy access. […] Go to Source Author: Sergiu Gatlan
GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE), fixing nine vulnerabilities, among which two critical severity ruby-saml library authentication bypass flaws. […] Go to Source Author: Bill Toulas
Just like with any regular computer, researchers figured out how to crack into, force restart, and upload malware to an aftermarket in-vehicle infotainment system. Go to Source Author: Nate Nelson, Contributing Writer
Microsoft has shed light on an ongoing phishing campaign that targeted the hospitality sector by impersonating online travel agency Booking.com using an increasingly popular social engineering technique called ClickFix to deliver credential-stealing malware. The activity, the tech giant said, started in December 2024 and operates with the end goal of conducting financial fraud and theft. […]