Volt Typhoon, a China-linked cyber-espionage group, has renewed its assault on US infrastructure through an advanced botnet operation, exploiting outdated Cisco and Netgear routers to breach critical networks. Volt Typhoon’s tactics mark a sophisticated escalation, as its hackers leverage end-of-life routers that no longer receive security updates, according to SecurityScorecard’s recent report. This renewed activity […]
Author Archives: Onsite Computing, Inc.
Das Böse ist immer und überall, sang schon die EAV – das gilt insbesondere auch für den Cyberraum. your – Shutterstock.com Die Zahl der Schadprogrammvarianten explodiert und die Cyberkriminellen agieren immer professioneller und aggressiver. Zu diesem Schluss kommt der Bericht zur Lage der IT-Sicherheit in Deutschland, den das Bundesamt für Sicherheit in der Informationstechnik (BSI) am […]
A security analysis of the OvrC cloud platform has uncovered 10 vulnerabilities that could be chained to allow potential attackers to execute code remotely on connected devices. “Attackers successfully exploiting these vulnerabilities can access, control, and disrupt devices supported by OvrC; some of those include smart electrical power supplies, cameras, routers, home automation systems, and […]
The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group’s playbook to orchestrate its own version of the Dream Job campaign targeting the aerospace industry by offering fake jobs since at least September 2023. “The campaign distributed the SnailResin malware, which activates the SlugResin backdoor,” […]
Despite having only a scant focus on cybersecurity regulations a decade ago, countries in the Middle East — led by Saudi Arabia and other Gulf nations — have adopted mature frameworks and regulations amid escalating volumes of attacks. Go to Source Author: Robert Lemos, Contributing Writer
Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated […]
The title of chief information security officer suggests that the position would come with a level of authority like that enjoyed by other “chief” officers such as the CEO or CFO – in this case, command over an organization’s security operations, strategy, and resource allocation. But for most CISOs, true command is often a frustrating […]
Diese Open-Source-Tools adressieren spezifische Security-Probleme – mit minimalem Footprint. Foto: N Universe | shutterstock.com Cybersicherheitsexperten verlassen sich in diversen Bereichen auf Open-Source-Lösungen – nicht zuletzt weil diese im Regelfall von einer lebendigen und nutzwertigen Community gestützt werden. Aber auch weil es inzwischen Hunderte qualitativ hochwertiger, quelloffener Optionen gibt, um Breaches und Datenlecks auf allen Ebenen […]
Microsoft has fixed several bugs that cause install, upgrade, and Blue Screen of Death (BSOD) issues on Windows Server 2025 devices with a high core count. […] Go to Source Author: Sergiu Gatlan
The November 2024 Patch Tuesday update contains a substantially high percentage of remote code execution (RCE) vulnerabilities (including a critical issue in Windows Kerberos), and two other zero-day bugs that have been previously disclosed and could soon come under attack. Go to Source Author: Jai Vijayan, Contributing Writer