The U.S. State Department is offering a reward of up to $5 million for information that could help disrupt the activities of North Korean front companies and employees generating millions via illegal remote IT work schemes. […] Go to Source Author: Sergiu Gatlan
Author Archives: Onsite Computing, Inc.
In Operation PowerOFF, global authorities aim to deter individuals from engaging in malicious cyber acts. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
The rules necessary to secure US communications have already been in place for 30 years, argues Sen. Wyden, the FCC just hasn’t enforced them. It’s unclear if they will help. Go to Source Author: Nate Nelson, Contributing Writer
Cleo has released security updates for a zero-day flaw in its LexiCom, VLTransfer, and Harmony software, currently exploited in data theft attacks. […] Go to Source Author: Sergiu Gatlan
The Spanish police, working with colleagues in Peru, conducted a simultaneous crackdown on a large-scale voice phishing (vishing) scam ring in the two countries, arresting 83 individuals. […] Go to Source Author: Bill Toulas
US Bitcoin ATM operator Byte Federal has disclosed a data breach that exposed the data of 58,000 customers after its systems were breached using a GitLab vulnerability. […] Go to Source Author: Bill Toulas
Security isn’t just about tools — it’s about understanding how the enemy thinks and why they make certain choices. Go to Source Author: Roei Sherman
Cybersecurity researchers are warning that thousands of servers hosting the Prometheus monitoring and alerting toolkit are at risk of information leakage and exposure to denial-of-service (DoS) as well as remote code execution (RCE) attacks. “Prometheus servers or exporters, often lacking proper authentication, allowed attackers to easily gather sensitive information, such as credentials and API Go […]
The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome, marking the first time the adversary has been discovered using mobile-only malware families in its attack campaigns. “BoneSpy and PlainGnome target former Soviet states and focus on Russian-speaking victims,” Lookout said in an analysis. […]
Details have emerged about a now-patched security vulnerability in Apple’s iOS and macOS that, if successfully exploited, could sidestep the Transparency, Consent, and Control (TCC) framework and result in unauthorized access to sensitive information. The flaw, tracked as CVE-2024-44131 (CVSS score: 5.3), resides in the FileProvider component, per Apple, and has been addressed with improved […]