A little over a dozen new security vulnerabilities have been discovered in residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices. “These vulnerabilities could enable attackers to take control of a router by injecting malicious code, allowing them to persist on the device and use it as a […]
Author Archives: Onsite Computing, Inc.
DrayTek has released security updates for multiple router models to address 14 vulnerabilities of varying severity, including a remote code execution flaw that received the maximum CVSS score of 10. […] Go to Source Author: Bill Toulas
Microsoft is blocking Windows 24H2 upgrades on systems with incompatible Intel Smart Sound Technology (SST) audio drivers due to blue screen of death (BSOD) issues. […] Go to Source Author: Sergiu Gatlan
Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as CVE-2024-34102 (CVSS score: 9.8), the critical flaw relates to an improper restriction of XML external entity reference (XXE) vulnerability that could result in remote code execution. The […]
Microsoft is working to fix several known issues behind Asphalt 8 game crashes and Easy Anti-Cheat blue screens on some Windows 24H2 systems. […] Go to Source Author: Sergiu Gatlan
Dynamic malware analysis is a key part of any threat investigation. It involves executing a sample of a malicious program in the isolated environment of a malware sandbox to monitor its behavior and gather actionable indicators. Effective analysis must be fast, in-depth, and precise. These five tools will help you achieve it with ease. 1. […]
Police authorities from 12 countries have carried out another concerted action as part of “Operation Cronos.” Mission-critical servers for the Lockbit infrastructure were shut down and four suspects said to be connected to the cybercriminals were arrested, Europol said in a news release. “LockBit power cut: Four new arrests and financial sanctions against affiliates,“ the […]
The right tool can make or break a pentest or red team exercise. While many of the tools in Kali are tried and true, they are not always the best fit for every scenario. It is crucial to know where to turn for different needs, ensuring you’re adequately equipped to meet a variety of objectives. […]
Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack. “While the attackers didn’t succeed in deploying ransomware on the networks of any of the organizations affected, it is likely that the attacks were financially motivated,” Symantec, […]
What is ransomware? Ransomware is a form of malware that encrypts or blocks access to a victim’s files, data, or systems until a ransom is paid. When under such an attack, users are shown instructions for how to pay a fee to get the decryption key. The costs for enterprises hit with ransomware can range from hundreds […]