X has always had a bot problem, but now scammers are utilizing the Ukraine war and earthquake warnings in Japan to entice users into clicking on fake content warnings and videos that lead to scam adult sites, malicious browser extensions, and shady affiliate sites. […] Go to Source Author: Lawrence Abrams
Author Archives: Onsite Computing, Inc.
Almost 2.7 billion records of personal information for people in the United States were leaked on a hacking forum, exposing names, social security numbers, all known physical addresses, and possible aliases. […] Go to Source Author: Lawrence Abrams
Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that masquerades as a library from the Solana blockchain platform but is actually designed to steal victims’ secrets. “The legitimate Solana Python API project is known as ‘solana-py’ on GitHub, but simply ‘solana’ on the Python software registry, PyPI,” Sonatype […]
As many as 10 security flaws have been uncovered in Google’s Quick Share data transfer utility for Android and Windows that could be assembled to trigger remote code execution (RCE) chain on systems that have the software installed. “The Quick Share application implements its own specific application-layer communication protocol to support file transfers between nearby, […]
Microsoft has reminded customers that multiple editions of Windows 11 21H2 and 22H2 will reach the end of servicing in 60 days, on October 8, 2024. […] Go to Source Author: Sergiu Gatlan
An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software. “The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data Go […]
U.S. law enforcement has arrested two suspected admins of the WWH-Club stolen credit card marketplace after they went on a cash spending spree in Florida. […] Go to Source Author: Bill Toulas
Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors. The vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following versions of Office – Microsoft Office 2016 for 32-bit edition and 64-bit editions […]
AMD has issued microcode updates for a wide range of server and desktop CPUs to address a vulnerability that could allow attackers to bypass protections for the System Management Mode (SMM) and execute malicious code in the low-level firmware outside of the OS. The flaw could be used to deploy stealthy boot-level rootkits in UEFI […]
Cybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited, could result in serious consequences. “The impact of these vulnerabilities range between remote code execution (RCE), full-service user takeover (which might provide powerful administrative access), manipulation of AI modules, exposing sensitive data, data Go to Source Author: