The Pakistan-based advanced persistent threat actor has been carrying on a cyber-espionage campaign targeting organizations on the subcontinent for more than a decade, and it’s now using a new and improved “ElizaRAT” malware. Go to Source Author: Jai Vijayan, Contributing Writer
Author Archives: Onsite Computing, Inc.
The bug affected accounts with 52-character user names, and had several pre-conditions that needed to be met in order to be exploited. Go to Source Author: Dark Reading Staff
Threat actors are abusing DocuSign’s Envelopes API to create and mass-distribute fake invoices that appear genuine, impersonating well-known brands like Norton and PayPal. […] Go to Source Author: Bill Toulas
As businesses worry over deepfake scams and other AI attacks, organizations are adding guidance for cybersecurity teams on how to detect, and respond to, next-generation threats. That includes Exabeam, which was recently targeted by a deepfaked job candidate. Go to Source Author: Robert Lemos, Contributing Writer
Schneider Electric has confirmed a developer platform was breached after a threat actor claimed to steal 40GB of data from the company’s JIRA server. […] Go to Source Author: Lawrence Abrams
Microsoft has announced that Windows Server 2025, the latest version of its server operating system, is generally available starting Friday, November 1st. […] Go to Source Author: Sergiu Gatlan
UK’s National Cyber Security Centre (NCSC) has published an analysis of a Linux malware named “Pigmy Goat” created to backdoor Sophos XG firewall devices as part of recently disclosed attacks by Chinese threat actors. […] Go to Source Author: Bill Toulas
A new phishing campaign dubbed ‘CRON#TRAP’ infects Windows with a Linux virtual machine that contains a built-in backdoor to give stealthy access to corporate networks. […] Go to Source Author: Bill Toulas
A research tool by the company found a vulnerability in the SQLite open source database, demonstrating the “defensive potential” for using LLMs to find vulnerabilities in applications before they’re publicly released. Go to Source Author: Elizabeth Montalbano, Contributing Writer
Hacker aus China, Nord-Korea, Russland und dem Iran erhalten immer mehr Unterstützung, um ihre kriminellen Machenschaften für den Staat einzusetzen. Andy.LIU/Shutterstock.com Staatlich geförderte Bedrohungsakteure sind keine Unbekannten, wenn es um Operationen unter falscher Flagge geht. Sie geben sich dabei als cyberkriminelle Gruppen aus oder verlassen sich auf diese, um ihre wahren Ziele und Identität zu […]