According to the tech giant, it has observed a threat group seeking out vulnerable customer accounts using generative AI, then creating tools to abuse these services. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
Author Archives: Onsite Computing, Inc.
CISA tagged a vulnerability in BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks, ordering agencies to secure their systems within three weeks. […] Go to Source Author: Sergiu Gatlan
The security vulnerability tracked as CVE-2024-50603, which rates 10 out of 10 on the CVSS scale, enables unauthenticated remote code execution on affected systems, which cyberattackers are using to plant malware. Go to Source Author: Jai Vijayan, Contributing Writer
Path of Exile 2 developers confirmed that a hacked admin account allowed a threat actor to change the password and access at least 66 accounts, finally explaining how PoE 2 accounts have been breached since November. […] Go to Source Author: Bill Toulas
Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. […] Go to Source Author: Sergiu Gatlan
Threat actors are exploiting a critical remote command execution vulnerability, tracked as CVE-2024-50603, in Aviatrix Controller instances to install backdoors and crypto miners. […] Go to Source Author: Bill Toulas
Threat actors are targeting people searching for pirated or cracked software with fake downloaders that include infostealing malware such as Lumma and Vidar. Go to Source Author: Elizabeth Montalbano, Contributing Writer
Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability. […] Go to Source Author: Sergiu Gatlan
The Hellcat ransomware group has stolen roughly 5,000 documents, potentially containing confidential information, from the telecom giant’s internal database. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
A new ransomware campaign encrypts Amazon S3 buckets using AWS’s Server-Side Encryption with Customer Provided Keys (SSE-C) known only to the threat actor, demanding ransoms to receive the decryption key. […] Go to Source Author: Bill Toulas