Progress Software has released security updates for a maximum-severity flaw in LoadMaster and Multi-Tenant (MT) hypervisor that could result in the execution of arbitrary operating system commands. Tracked as CVE-2024-7591 (CVSS score: 10.0), the vulnerability has been described as an improper input validation bug that results in OS command injection. “It is possible for unauthenticated, […]
Author Archives: Onsite Computing, Inc.
Android device users in South Korea have emerged as a target of a new mobile malware campaign that delivers a new type of threat dubbed SpyAgent. The malware “targets mnemonic keys by scanning for images on your device that might contain them,” McAfee Labs researcher SangRyol Ryu said in an analysis, adding the targeting footprint […]
Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. […] Go to Source Author: Bill Toulas
Few roles have changed as much as the chief information security officer in the nearly 30 years since Steve Katz first held the title at Citicorp in the mid-1990s. As the role has evolved from managing technical controls to business risk, it’s paved the way for CISOs to advance into other positions. Four CISO who […]
New security features are great, but it’s inevitable that bad actors will eventually find ways around even the most novel of protections. Keeping up with attackers may mean adjusting, changing, redeploying, or, in the case of secure boot, dealing with the update phases of deployment, evaluation, and ultimately enforcement. Starting on May 9, 2023, and […]
A previously undocumented threat actor with likely ties to Chinese-speaking groups has predominantly singled out drone manufacturers in Taiwan as part of a cyber attack campaign that commenced in 2024. Trend Micro is tracking the adversary under the moniker TIDRONE, stating the activity is espionage-driven given the focus on military-related industry chains. The exact initial […]
The U.S. government and a coalition of international partners have officially attributed a Russian hacking group tracked as Cadet Blizzard to the General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155). “These cyber actors are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm […]
Developers of Apache OFBiz, an open-source enterprise resource planning (ERP) framework, have released a patch for a new critical flaw that can allow unauthenticated attackers to execute arbitrary code on servers. The likelihood of attackers exploiting this vulnerability in real-world attacks is high so users should deploy the patch as soon as possible. The new […]
The Chinese-speaking group is launching sophisticated malware towards military and satellite targets globally. Go to Source Author: Tara Seals, Managing Editor, News, Dark Reading
A new variant of the ongoing sextortion email scams is now targeting spouses, saying that their husband or wife is cheating on them, with links to the alleged proof. […] Go to Source Author: Lawrence Abrams