Cybersecurity researchers have uncovered a new stealthy piece of Linux malware that leverages an unconventional technique to achieve persistence on infected systems and hide credit card skimmer code. The malware, attributed to a financially motivated threat actor, has been codenamed sedexp by Aon’s Stroz Friedberg incident response services team. “This advanced threat, active since 2022, […]
Author Archives: Onsite Computing, Inc.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting Versa Director to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation. The medium-severity vulnerability, tracked as CVE-2024-39717 (CVSS score: 6.6), is a case of a file upload bug impacting the “Change Favicon” feature that could allow a threat actor […]
Meta Platforms on Friday became the latest company after Microsoft, Google, and OpenAI to expose the activities of an Iranian state-sponsored threat actor, who it said used a set of WhatsApp accounts that attempted to target individuals in Israel, Palestine, Iran, the U.K., and the U.S. The activity cluster, which originated from Iran, “appeared to […]
The malware is a customized variant of the powerful open source XenoRAT information stealing malware often deployed by Kimsuky and other DPRK APTs. Author: Jai Vijayan, Contributing Writer
More than five million WordPress sites are at risk of compromise due to a critical flaw in the LiteSpeed Cache plugin discovered in early August, according to researchers at Patchstack. The unauthenticated privilege escalation vulnerability, CVE-2024-28000, allows an attacker to gain administrator access and potentially upload and install malicious plugins. According to the Patchstack […]
A Chinese state-sponsored cyberespionage group tracked as Velvet Ant exploited a zero-day vulnerability in Cisco NX-OS earlier this year to deploy a custom malware implant on an organization’s network switches, according to researchers from security firm Sygnia. The backdoor was injected into memory by masquerading as a known process and was deleted from the file system […]
The American Radio Relay League (ARRL) paid a $1 million ransom for a decryptor that helped restore systems encrypted in a May ransomware attack […] Author: Sergiu Gatlan
The release of new NIST quantum-proof cryptography standards signals it’s time for cybersecurity teams to get serious about preparing for the rise of quantum threats. Author: Becky Bracken, Senior Editor, Dark Reading
The disclosure of CVE-2024-28987 means that, in two weeks, there have been two critical bugs and corresponding patches for SolarWinds’ less-often-discussed IT help desk software. Author: Nate Nelson, Contributing Writer
