Der Arzneimittelhändler AEP kann derzeit keine Ware an Apotheken liefern. Ursache ist eine Cyberattacke. Felix Geringswald – Shutterstock.com Der Arzneimittelgroßhändler AEP stellte am 28. Oktober fest, dass seine Systeme durch einen Cyberangriff verschlüsselt wurden. Nach eigenen Angaben hat das Unternehmen mit Sitz in Alzenau daraufhin sofort notwendige und weitreichende Schutzmaßnahmen ergriffen. Aus Sicherheitsgründen seien umgehend […]
Author Archives: Onsite Computing, Inc.
Using a malicious Chrome extension, researchers showed how an attacker could inject custom code into a victim’s Opera browser to exploit special and powerful APIs, used by developers and typically saved for only the most trusted sites. Go to Source Author: Nate Nelson, Contributing Writer
A now-patched security flaw in the Opera web browser could have enabled a malicious extension to gain unauthorized, full access to private APIs. The attack, codenamed CrossBarking, could have made it possible to conduct actions such as capturing screenshots, modifying browser settings, and account hijacking, Guardio Labs said. To demonstrate the issue, the company said […]
Cybersecurity researchers have uncovered an ongoing malvertising campaign that abuses Meta’s advertising platform and hijacked Facebook accounts to distribute information known as SYS01stealer. “The hackers behind the campaign use trusted brands to expand their reach,” Bitdefender Labs said in a report shared with The Hacker News. “The malvertising campaign leverages nearly a hundred malicious Go […]
A critical authentication bypass vulnerability in the widely used web hosting control panel, CyberPanel, has allowed a massive PSAUX ransomware attack that took down 22,000 CyberPanel servers within hours. With a CVE tracker (CVE-2024-51567) issued only on Wednesday, the attack constitutes a zero-day exploitation of the critical (10/10 base CVSS rating) vulnerability which, along with […]
Russian state-backed hacking group Midnight Blizzard, also known as APT29 and linked to the Russian Foreign Intelligence Service (SVR), has launched a new spear-phishing campaign targeting US officials, academics, and members of the defense and NGO sectors, Microsoft said in a statement. According to the software major, the group has been active since last week, […]
Cybersecurity researchers have discovered a new malicious Python package that masquerades as a cryptocurrency trading tool but harbors functionality designed to steal sensitive data and drain assets from victims’ crypto wallets. The package, named “CryptoAITools,” is said to have been distributed via both Python Package Index (PyPI) and bogus GitHub repositories. It was downloaded over […]
Navigating the complexities of compliance frameworks like ISO 27001, SOC 2, or GDPR can be daunting. Luckily, Intruder simplifies the process by helping you address the key vulnerability management criteria these frameworks demand, making your compliance journey much smoother. Read on to understand how to meet the requirements of each framework to keep your customer […]
In the summer of 2020, insurance company Mapfre suffered a ransomware attack that impacted thousands of the company’s servers and workstations in Spain. The timing could not have been more complicated — in the middle of the pandemic and on the eve of a holiday when many Spanish citizens are on vacation and the demand for Mapre’s […]
Security teams are always on red alert, constantly thinking about what could go wrong and when the next threat might strike. This environment can take a toll on employees, and for those already struggling, the pressure can become unbearable. “The job is full of complexity, ambiguity, and is constantly changing, which results in a state […]