China’s Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. […] Go to Source Author: Sergiu Gatlan
Author Archives: Onsite Computing, Inc.
Microsoft has fixed a known issue causing “boot device inaccessible” errors during startup on some Windows Server 2025 systems using iSCSI. […] Go to Source Author: Sergiu Gatlan
Social engineering is advancing fast, at the speed of generative AI. This is offering bad actors multiple new tools and techniques for researching, scoping, and exploiting organizations. In a recent communication, the FBI pointed out: ‘As technology continues to evolve, so do cybercriminals’ tactics.’ This article explores some of the impacts of this GenAI-fueled acceleration. […]
Microsoft is calling attention to an emerging threat cluster it calls Storm-2372 that has been attributed to a new set of cyber attacks aimed at a variety of sectors since August 2024. The attacks have targeted government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas […]
The threat actors behind the RansomHub ransomware-as-a-service (RaaS) scheme have been observed leveraging now-patched security flaws in Microsoft Active Directory and the Netlogon protocol to escalate privileges and gain unauthorized access to a victim network’s domain controller as part of their post-compromise strategy. “RansomHub has targeted over 600 organizations globally, spanning sectors Go to Source […]
Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a previously unknown SQL injection flaw in PostgreSQL, according to findings from Rapid7. The vulnerability, tracked as CVE-2025-1094 (CVSS score: 8.1), affects the PostgreSQL interactive tool psql. […]
Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an Amazon Machine Image (AMI) with a specific name. […] Go to Source Author: Bill Toulas
Cybersecurity experts weigh in on the red flags flying around the new Department of Government Efficiency’s handling of the mountains of US data it now has access to, potentially without basic information security protections in place. Go to Source Author: Becky Bracken, Senior Editor, Dark Reading
Pivoting from prior cyber espionage, the threat group deployed its backdoor tool set to ultimately push out RA World malware, demanding $2 million from its victim. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
The Dutch Police (Politie) dismantled the ZServers/XHost bulletproof hosting operation after taking offline 127 servers used by the illegal platform. […] Go to Source Author: Bill Toulas