Threat actors are abusing the APIs of trusted e-signing services platform DocuSign to send out convincing invoices in a new phishing campaign. In a research published this week, Cybersecurity firm, Wallarm, revealed that the campaign deviates from conventional phishing methods, which rely on deceptively crafted emails and malicious links, to evade detection tools. “These incidents […]
Author Archives: Onsite Computing, Inc.
Budget season is upon us, and everyone in your organization is vying for their slice of the pie. Every year, every department has a pet project that they present as absolutely essential to profitability, business continuity, and quite possibly the future of humanity itself. And no doubt that some of these actually may be mission […]
INTERPOL on Tuesday said it took down more than 22,000 malicious servers linked to various cyber threats as part of a global operation. Dubbed Operation Synergia II, the coordinated effort ran from April 1 to August 31, 2024, targeting phishing, ransomware, and information stealer infrastructure. “Of the approximately 30,000 suspicious IP addresses identified, 76 per […]
Security organizations help CISOs gain valuable industry certifications, tap into peer insights, stay in touch with changing technology, and offer networking opportunities. Here are some CISOs can join or follow to stay in the know. ISC2 International Information System Security Certification Consortium (ISC2) focuses on cybersecurity and information security, with around 664,000 members globally. Its […]
Meta has been fined 21.62 billion won ($15.67 million) by South Korea’s data privacy watchdog for illegally collecting sensitive personal information from Facebook users, including data about their political views and sexual orientation, and sharing it with advertisers without their consent. The country’s Personal Information Protection Commission (PIPC) said Meta gathered information such as Go […]
Most cybersecurity professionals are accustomed by now to the widespread adoption of open-source software (OSS) and the ever-growing threat of software supply chain attacks that target the OSS ecosystem. What we don’t seem to be getting better at is the management of dependencies — the reliance on external code or libraries that many OSS software […]
Google’s cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of 2025 as part of its efforts to improve account security. “We will be implementing mandatory MFA for Google Cloud in a phased approach that will roll out to all users worldwide during 2025,” Mayank Upadhyay, […]
Microsoft has positioned itself as a strong convert to passkeys, with a promise to deliver passkey support in its Microsoft Authenticator app in mid-January 2025. Even though all enterprises will have access, not all are prepared to embrace passkeys, at least not by January. For CISOs whose organizations are not quite ready, Microsoft is giving […]
Collaboration Tools wie Microsoft Teams und Slack erleichtern die Zusammenarbeit mit internen und externen Partnern enorm, bergen jedoch auch Risiken. Foto: Ascannio – shutterstock.com Schnelle und effiziente Zusammenarbeit ist in der heutigen Geschäftswelt unerlässlich, aber die Plattformen, über die wir mit Kollegen, Lieferanten, Kunden und Auftraggebern kommunizieren, können auch ernsthafte Risiken bergen. Ein Blick auf […]
Canadian authorities responding to a US request have arrested a man in southern Ontario for his alleged role in hacks of over 100 organizations that use the Snowflake cloud database. Following a request by the United States, a man was arrested on a provisional arrest warrant on Wednesday Oct. 30, 2024, Ian McLeod, a senior […]