Federal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire that conducted a record 35,000 DDoS attacks in a single year, including those that targeted Microsoft’s services in June 2023. The attacks, which were facilitated by Anonymous Sudan’s “powerful DDoS tool,” singled out critical infrastructure, corporate […]
Author Archives: Onsite Computing, Inc.
A MOIS-aligned threat group has been using Microsoft Exchange servers to exfiltrate sensitive data from Gulf-state government agencies. Author: Nate Nelson, Contributing Writer
Artificial intelligence, especially large language models (LLMs) and the agents powered by them, has been transformative across the cybersecurity spectrum, and the game-changing technology has been nothing short of revolutionary in the realm of offensive cybersecurity. The introduction of AI “has triggered a profound transformation in the landscape of offensive security, including vulnerability assessment, penetration […]
A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances. The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addressed in version 0.1.38. The project maintainers acknowledged Nicolai Rybnikar for discovering and reporting the vulnerability. “A security issue […]
Iranian hackers are breaching critical infrastructure organizations to collect credentials and network data that can be sold on cybercriminal forums to enable cyberattacks from other threat actors. […] Author: Ionut Ilascu
Attackers have weaponized yet another tool developed for penetration testing and red team exercises to enhance their attacks. The tool, dubbed EDRSilencer, leverages the Windows Filtering Platform (WFP) to block the network communication of EDR software agents, preventing them from sending telemetry or alerts back to the management consoles monitored by security teams. “This tool […]
Mandiant security analysts warn of a worrying new trend of threat actors demonstrating a better capability to discover and exploit zero-day vulnerabilities in software. […] Author: Bill Toulas
A notorious hacker named USDoD, who is linked to the National Public Data and InfraGard breaches, has been arrested by Brazil’s Polícia Federal in “Operation Data Breach”. […] Author: Lawrence Abrams
But the time when quantum computers pose a tangible threat to modern encryption is likely still several years away. Author: Jai Vijayan, Contributing Writer
