Scammers stole $494 million worth of cryptocurrency in wallet drainer attacks last year that targeted more than 300,000 wallet addresses. […] Go to Source Author: Bill Toulas
Author Archives: Onsite Computing, Inc.
A now-fixed vulnerability in the open-source vulnerability scanner Nuclei could potentially allow attackers to bypass signature verification while sneaking malicious code into templates that execute on local systems. […] Go to Source Author: Lawrence Abrams
A now-fixed vulnerability in the open-source vulnerability scanner Nuclei could potentially allow attackers to bypass signature verification while sneaking malicious code into templates that execute on local systems. […] Go to Source Author: Lawrence Abrams
Google is adding the Text Fragment feature to its PDF reader to make it easier to share specific parts of long PDFs. […] Go to Source Author: Mayank Parmar
A new Android malware named ‘FireScam’ is being distributed as a premium version of the Telegram app via phishing websites on GitHub that mimick the RuStore, Russia’s app market for mobile devices. […] Go to Source Author: Bill Toulas
A high-severity security flaw has been disclosed in ProjectDiscovery’s Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could allow attackers to bypass signature checks and potentially execute malicious code. Tracked as CVE-2024-43405, it carries a CVSS score of 7.4 out of a maximum of 10.0. It impacts all versions of Nuclei later than […]
Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution. The backdoor, according to Google’s Managed Defense team, shares functional overlaps with a known remote administration tool referred to as Gh0st RAT, which had its source […]
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday issued sanctions against a Beijing-based cybersecurity company known as Integrity Technology Group, Incorporated for orchestrating several cyber attacks against U.S. victims. These attacks have been publicly attributed to a Chinese state-sponsored threat actor tracked as Flax Typhoon (aka Ethereal Panda or Go to […]
Tenable says customers must manually upgrade their software to revive Nessus vulnerability scanner agents taken offline on December 31st due to buggy differential plugin updates. […] Go to Source Author: Sergiu Gatlan
Weeks after the critical vulnerability was reported and a hacking of the Treasury Department, nearly 9,000 BeyondTrust instances remain wide open to the Internet, researchers say. Go to Source Author: Becky Bracken, Senior Editor, Dark Reading