Attackers have added aggressive social engineering to their arsenal, along with a novel Windows-manipulating persistence mechanism that demands developer vigilance. Go to Source Author: Elizabeth Montalbano, Contributing Writer
Author Archives: Onsite Computing, Inc.
D-Link is warning that four remote code execution (RCE) flaws impacting all hardware and firmware versions of its DIR-846W router will not be fixed as the products are no longer supported. […] Go to Source Author: Bill Toulas
Malware authors have iterated on one of the premier encryptors on the market, building something even bigger and better. Go to Source Author: Nate Nelson, Contributing Writer
Understanding through visibility, managing through governance, and anticipating through continuous deployment will better prepare organizations for the next supply chain attack. Go to Source Author: Josh Lemos
A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. “Head Mare uses more up-to-date methods for obtaining initial access,” Kaspersky said in a Monday analysis of the group’s tactics and tools. “For instance, the attackers took advantage of the relatively recent CVE-2023-38831 […]
Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with the now-defunct BlackCat (aka ALPHV) operation. “It appears that Cicada3301 ransomware primarily targets small to medium-sized businesses (SMBs), likely through opportunistic attacks that exploit vulnerabilities as the initial access vector,” cybersecurity Go to Source Author:
Oil and gas giant Halliburton has confirmed in a filing today to the Securities and Exchange Commission (SEC) that data was stolen in the recent attack linked to the RansomHub ransomware gang. […] Go to Source Author: Bill Toulas
The shared responsibility model has been foundational to cybersecurity from the start. But modern developments and complications, especially in the cloud, are beginning to erode our ability to truly share responsibility for secure results. The premise of shared responsibility is that a vendor is responsible for building a system that can be secure, and the […]
Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante. “This malware family is capable of performing keylogging using the Accessibility Service, and is also able to steal PII from its victims using phishing screens posing as different banks,” Dutch security company ThreatFabric said. […]
In the digital realm, secrets (API keys, private keys, username and password combos, etc.) are the keys to the kingdom. But what if those keys were accidentally left out in the open in the very tools we use to collaborate every day? A Single Secret Can Wreak Havoc Imagine this: It’s a typical Tuesday in […]