Attackers are exploiting a recently disclosed remote code execution vulnerability in Microsoft SharePoint to gain initial access to corporate networks. SharePoint’s main role in the Microsoft 365 ecosystem is for building intranets and dedicated web applications to support organizational processes. It is also used to build websites, and to gather together files in SharePoint teams […]
Author Archives: Onsite Computing, Inc.
Microsoft has confirmed several bugs causing install and Blue Screen of Death (BSOD) issues impacting Windows Server 2025 systems with more than 256 logical processors. […] Go to Source Author: Sergiu Gatlan
German law enforcement authorities have announced the disruption of a criminal service called dstat[.]cc that made it possible for other threat actors to easily mount distributed denial-of-service (DDoS) attacks. “The platform made such DDoS attacks accessible to a wide range of users, even those without any in-depth technical skills of their own,” the Federal Criminal […]
This week was a total digital dumpster fire! Hackers were like, “Let’s cause some chaos!” and went after everything from our browsers to those fancy cameras that zoom and spin. (You know, the ones they use in spy movies? 🕵️♀️) We’re talking password-stealing bots, sneaky extensions that spy on you, and even cloud-hacking ninjas! 🥷 […]
As the holiday season approaches, retail businesses are gearing up for their annual surge in online (and in-store) traffic. Unfortunately, this increase in activity also attracts cybercriminals looking to exploit vulnerabilities for their gain. Imperva, a Thales company, recently published its annual holiday shopping cybersecurity guide. Data from the Imperva Threat Research team’s Go to […]
Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted framework called Big Sleep (formerly Project Naptime). The tech giant described the development as the “first real-world vulnerability” uncovered using the artificial intelligence (AI) agent. “We believe this is the first public example of an […]
Global cybersecurity workforce growth has stalled in spite of a clear and growing need for skilled workers. The latest edition of ISC2’s Cybersecurity Workforce Study, published last week, reports that the global cybersecurity workforce grew just 0.1% year-on-year to reach 5.5 million professionals. That’s in sharp contrast to the 8.7% growth seen in the equivalent […]
Cisco says that non-public files recently downloaded by a threat actor from a misconfigured public-facing DevHub portal don’t contain information that could be exploited in future breaches of the company’s systems. […] Go to Source Author: Sergiu Gatlan
Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed FakeCall that employs voice phishing (aka vishing) techniques to trick users into parting with their personal information. “FakeCall is an extremely sophisticated Vishing attack that leverages malware to take almost complete control of the mobile device, including the interception of incoming […]
Security information and event management (SIEM) solutions have been essential in cybersecurity for many years, but as the digital environment grows more complex older SIEM systems are posing significant challenges for the security professionals who manage them. If you’re weighing the pros and cons of the replacing an older SIEM system, or you’re worried that […]