The federal police in Argentina (PFA) have arrested a 29-year-old Russian national in Buenos Aires, who is facing money laundering charges related to cryptocurrency proceeds of the notorious North Korean hackers’ Lazarus Group.’ […] Go to Source Author: Bill Toulas
Author Archives: Onsite Computing, Inc.
A developer that researchers now track as Greasy Opal, operating as a seemingly legitimate business, has been fueling the cybercrime-as-a-service industry with a tool that bypasses account security solutions and allows bot-led CAPTCHA solving at scale. […] Go to Source Author: Ionut Ilascu
Microsoft-owned source code management platform, GitHub, has rolled out fixes for three vulnerabilities affecting its Enterprise Server product, including a critical one allowing site administrator privileges to an attacker. Reported via the GitHub Bug Bounty Program, the critical vulnerability tracked as CVE-2024-6800 has received a CVSS rating of 9.5 out of 10. “On GitHub Enterprise […]
Let’s be honest. The world of cybersecurity feels like a constant war zone. You’re bombarded by threats, scrambling to keep up with patches, and drowning in an endless flood of alerts. It’s exhausting, isn’t it? But what if there was a better way? Imagine having every essential cybersecurity tool at your fingertips, all within a […]
Read the full article for key points from Intruder’s VP of Product, Andy Hornegold’s recent talk on exposure management. If you’d like to hear Andy’s insights first-hand, watch Intruder’s on-demand webinar. To learn more about reducing your attack surface, reach out to their team today. Attack surface management vs exposure management Attack surface management (ASM) is […]
SolarWinds has issued a hotfix to patch up a security oversight that could allow remote access to sensitive credentials hardcoded in its Web Help Desk (WHD) product. The vulnerability, tracked as CVE-2024-28987, has been rated “critical” with a CVSS score of 9.1 out of 10. “The SolarWinds Web Help Desk software is affected by a […]
The threat actors behind a recently observed Qilin ransomware attack have stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints. The use of credential harvesting in connection with a ransomware infection marks an unusual twist, and one that could have cascading consequences, cybersecurity firm Sophos said in a Thursday report. […]
Main Line Health (MLH), a not-for-profit health system serving portions of Philadelphia and its western suburbs, faces the cybersecurity threats common to others in the healthcare sector: threat actors with significant incentives to extort healthcare delivery organizations by compromising patient dignity and safety. “That manifests itself in the form of social engineering attacks, malware delivery […]
Hackers have already started to exploit the critical severity vulnerability that affects LiteSpeed Cache, a WordPress plugin used for accelerating response times, a day after technical details become public. […] Go to Source Author: Bill Toulas
Cybersecurity researchers have uncovered a new information stealer that’s designed to target Apple macOS hosts and harvest a wide range of information, underscoring how threat actors are increasingly setting their sights on the operating system. Dubbed Cthulhu Stealer, the malware has been available under a malware-as-a-service (MaaS) model for $500 a month from late 2023. […]