A stealthy new underground offering uses sophisticated adversary-in-the-middle (AitM) techniques to convincingly serve up “Microsoft” login pages of various kinds, with dynamic enterprise branding. Go to Source Author: Tara Seals, Managing Editor, News, Dark Reading
Author Archives: Onsite Computing, Inc.
Palo Alto Networks warned customers today to patch security vulnerabilities (with public exploit code) that can be chained to let attackers hijack PAN-OS firewalls. […] Go to Source Author: Sergiu Gatlan
The security bugs were found susceptible to exploitation in connection to the previously disclosed, critical CVE-2024-8963 vulnerability in the security vendor’s Cloud Services Appliance (CSA). Go to Source Author: Dark Reading Staff
Cyber pros are scrambling to stay up-to-date as the businesses they work for quickly roll out AI tools and keep expanding their cloud initiatives. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
Mozilla has issued an emergency security update for the Firefox browser to address a critical use-after-free vulnerability that is currently exploited in attacks. […] Go to Source Author: Bill Toulas
Google on Wednesday announced a new partnership with the Global Anti-Scam Alliance (GASA) and DNS Research Federation (DNS RF) to combat online scams. The initiative, which has been codenamed the Global Signal Exchange (GSE), is designed to create real-time insights into scams, fraud, and other forms of cybercrime pooling together threat signals from different data […]
The drama of Patch Tuesday often revolves around zero days, which in October’s haul of 117 vulnerabilities brings patch managers a total of five that have been publicly disclosed. Of those, Microsoft said that two are being actively exploited. The first is CVE-2024-43573, intriguingly a spoofing flaw in the Windows MSHTML component. If this doesn’t […]
Microsoft has fixed a known issue that was causing Word to delete some Windows users’ documents instead of saving them. […] Go to Source Author: Sergiu Gatlan
Evolving threats require security solutions that match the sophistication of modern threats. Learn more about how Wazuh, the open-source XDR and SIEM, tackles these threats. […] Go to Source Author: Sponsored by Wazuh
Multimodal AI systems can help enterprise defenders weed out fraudulent emails, even if the system has not seen that type of message before. Go to Source Author: Robert Lemos, Contributing Writer