The cyberattack impacts at least 1.4 million patients, as tranches of highly sensitive personal, medical, and financial data fall into the hands of cyber crooks who have everything they need to carry out convincing social engineering and fraud attacks. Go to Source Author: Tara Seals, Managing Editor, News, Dark Reading
Author Archives: Onsite Computing, Inc.
CISA has issued this year’s first binding operational directive (BOD 25-01), ordering federal civilian agencies to secure their Microsoft 365 cloud environments by implementing a list of required configuration baselines. […] Go to Source Author: Sergiu Gatlan
Actions direct agencies to deploy specific security configurations to reduce cyber-risk. Go to Source Author:
A recently patched critical Apache Struts 2 vulnerability tracked as CVE-2024-53677 is actively exploited using public proof-of-concept exploits to find vulnerable devices. […] Go to Source Author: Bill Toulas
Go to Source Author:
A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. “An attacker used social engineering via a Microsoft Teams call to impersonate a user’s client and gain remote access to their system,” Trend Micro researchers Catherine Loveria, Jovit Samaniego, and Gabriel Nicoleta said. […]
Three vulnerabilities in the service’s Apache Airflow integration could have allowed attackers to take shadow administrative control over an enterprise cloud infrastructure, gain access to and exfiltrate data, and deploy malware. Go to Source Author: Elizabeth Montalbano, Contributing Writer
The Irish Data Protection Commission (DPC) fined Meta €251 million ($263.6M) over General Data Protection Regulation (GDPR) violations arising from a 2018 personal data breach impacting 29 million Facebook accounts. […] Go to Source Author: Bill Toulas
Over 25,000 publicly accessible SonicWall SSLVPN devices are vulnerable to critical severity flaws, with 20,000 using a SonicOS/OSX firmware version that the vendor no longer supports. […] Go to Source Author: Bill Toulas
Program designed to validate and sharpen cybersecurity skills for working professionals. Go to Source Author: