CISA shared guidance for government agencies and enterprises on using expanded cloud logs in their Microsoft 365 tenants as part of their forensic and compliance investigations. […] Go to Source Author: Sergiu Gatlan
Author Archives: Onsite Computing, Inc.
A newly discovered botnet of 13,000 MikroTik devices uses a misconfiguration in domain name server records to bypass email protections and deliver malware by spoofing roughly 20,000 web domains. […] Go to Source Author: Bill Toulas
Avery Products Corporation is warning it suffered a data breach after its website was hacked to steal customers’ credit cards and personal information. […] Go to Source Author: Bill Toulas
Ironically, cybercriminals now use Google search advertisements to promote phishing sites that steal advertisers’ credentials for the Google Ads platform. […] Go to Source Author: Sergiu Gatlan
Microsoft says it will drop support for Office apps in Windows 10 after the operating system reaches its end of support on October 14. […] Go to Source Author: Sergiu Gatlan
Over 660,000 exposed Rsync servers are potentially vulnerable new to six new vulnerabilities, including a critical-severity heap-buffer overflow flaw that could lead to remote code execution. […] Go to Source Author: Bill Toulas
BeyondTrust has patched all cloud instances of the vulnerability and has released patches for self-hosted versions. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
Evidence suggests that some of the payloads and extensions may date as far back as April 2023. Go to Source Author: Elizabeth Montalbano, Contributing Writer
“Operation 99” uses job postings to lure freelance software developers into downloading malicious Git repositories. From there, malware infiltrates developer projects to steal source code, secrets, and cryptocurrency. Go to Source Author: Elizabeth Montalbano, Contributing Writer
Cybersecurity researchers have alerted to a new malvertising campaign that’s targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google. “The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to fake login pages,” Jérôme Segura, senior […]