Organizations are losing between $94 – $186 billion annually to vulnerable or insecure APIs (Application Programming Interfaces) and automated abuse by bots. That’s according to The Economic Impact of API and Bot Attacks report from Imperva, a Thales company. The report highlights that these security threats account for up to 11.8% of global cyber events […]
Author Archives: Onsite Computing, Inc.
India’s hill state of Uttarakhand’s entire IT infrastructure came to a standstill on Friday after malware was detected on systems at the State Data Center. The shutdown impacted several critical services, including government websites, the Chief Minister’s helpline, and land registration services. Officials, suspecting a cyberattack, launched an investigation into the breach, while IT Secretary […]
The interest in passwordless authentication has increased due to the rise of hybrid work environments and widespread digitization. This has led to a greater need for reliable data security and user-friendly interfaces. Without these measures, organizations are at risk of experiencing data breaches, leaks, and significant financial losses. While traditional password-based systems offer Go to […]
Cybersecurity researchers have discovered a new botnet malware family called Gorilla (aka GorillaBot) that is a variant of the leaked Mirai botnet source code. Cybersecurity firm NSFOCUS, which identified the activity last month, said the botnet “issued over 300,000 attack commands, with a shocking attack density” between September 4 and September 27, 2024. No less […]
A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances. The flaw, tracked as CVE-2024-47561, impacts all versions of the software prior to 1.11.4. “Schema parsing in the Java SDK of Apache Avro 1.11.3 and […]
Ever heard of a “pig butchering” scam? Or a DDoS attack so big it could melt your brain? This week’s cybersecurity recap has it all – government showdowns, sneaky malware, and even a dash of app store shenanigans. Get the scoop before it’s too late! ⚡ Threat of the Week Double Trouble: Evil Corp & […]
Google has announced that it’s piloting a new security initiative that automatically blocks sideloading of potentially unsafe Android apps in India, after similar tests in Singapore, Thailand, and Brazil. The enhanced fraud protection feature aims to keep users safe when they attempt to install malicious apps from sources other than the Google Play Store, such […]
Mastering the art of risk storytelling is essential for CISOs not just for engagement, but for driving meaningful action across the organization. The right story should emphasize cybersecurity risks with the end-goal of grabbing attention that leads to action. “What gets talked about gets prioritized, so we want to be talking about cybersecurity,” says Bethany […]
Security researchers warn that a malware campaign dubbed perfctl has infected millions of Linux servers over the past three to four years by attempting to exploit around 20,000 misconfigurations that expose credentials or insecure admin interfaces. Equipped with a backdoor, perfectl gives attackers wide latitude in the actions they can commit. It seems to be […]
Europe’s top court has ruled that Meta Platforms must restrict the use of personal data harvested from Facebook for serving targeted ads even when users consent to their information being used for advertising purposes, a move that could have serious consequences for ad-driven companies operating in the region. “An online social network such as Facebook […]