Nowadays, sensitive and critical data is traveling in everyday business channels that offer only the basic level of security and encryption, and companies are often oblivious to the risk. A case in point: Disney suffered a devastating data leak by a hacktivist group known as NullBulge that got hold of over 1.2 terabytes of data […]
Author Archives: Onsite Computing, Inc.
In its “2024 Voice of the CISO” report, Proofpoint found that ransomware remains a top concern among CISOs worldwide. More surprising, however, is how CISOs say their organizations would deal with a specific incident: 62% stated that their enterprise would likely pay a ransom to restore access to systems. The top three countries where CISOs […]
Die richtigen Fragen im Bewerbungsgespräch können CISO-Kandidaten dabei unterstützen, besser abzuschätzen, was beim neuen Arbeitgeber auf sie zukommen könnte. Foto: N Universe | shutterstock.com Der Bewerbungsprozess ist nicht für Unternehmen eine Gelegenheit, den passenden Kandidaten zu finden. Auch die Job-Aspiranten sollten abwägen, ob die in Aussicht stehende Stelle beziehungsweise das dazugehörige Unternehmen wirklich zu ihnen […]
Two security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances. Both the vulnerabilities are path traversal flaws and could be weaponized if guest registration is enabled, which is the default configuration for Traccar 5, Horizon3.ai Go […]
In its July Patch Tuesday updates, Microsoft fixed a zero-day flaw, CVE-2024-38112 (7.5 CVSS), in Trident, Microsoft’s proprietary browser engine for Internet Explorer. Microsoft called the vulnerability a spoofing flaw, while Trend Micro’s Zero Day Initiative (ZDI) team, which claimed credit for discovering the vulnerability, characterized the weakness as a remote execution flaw that deserved […]
Cybersecurity researchers have uncovered new Android malware that can relay victims’ contactless payment data from physical credit and debit cards to an attacker-controlled device with the goal of conducting fraudulent operations. The Slovak cybersecurity company is tracking the novel malware as NGate, stating it observed the crimeware campaign targeting three banks in Czechia. The malware […]
The financial and government sectors have come under increasing attacks in India, with the Reserve Bank of India (RBI) warning banks to double down on cybersecurity. Go to Source Author: Robert Lemos, Contributing Writer
A stealthy Linux malware named ‘sedexp’ has been evading detection since 2022 by using a persistence technique not yet included in the MITRE ATT&CK framework. […] Go to Source Author: Bill Toulas
An audit from the Department of Justice’s Office of the Inspector General (OIG) identified “significant weaknesses” in FBI’s inventory management and disposal of electronic storage media containing sensitive and classified information. […] Go to Source Author: Bill Toulas
Pavel Durov, founder and chief executive of the popular messaging app Telegram, was arrested in France on Saturday, according to French television network TF1. Durov is believed to have been apprehended pursuant to a warrant issued in connection with a preliminary police investigation. TF1 said the probe was focused on a lack of content moderation […]