What is DNSSEC? The Domain Name System Security Extensions (DNSSEC) is a set of specifications that extend the Domain Name System (DNS) protocol by adding cryptographic authentication for responses received from authoritative DNS servers. Its goal is to defend against attack techniques such as DNS spoofing and hijacking attacks that direct computers to rogue websites […]
Author Archives: Onsite Computing, Inc.
CrowdStrike is alerting about an unfamiliar threat actor attempting to capitalize on the Falcon Sensor update fiasco to distribute dubious installers targeting German customers as part of a highly targeted campaign. The cybersecurity company said it identified what it described as an unattributed spear-phishing attempt on July 24, 2024, distributing an inauthentic CrowdStrike Crash Reporter […]
Progress Software is urging users to update their Telerik Report Server instances following the discovery of a critical security flaw that could result in remote code execution. The vulnerability, tracked as CVE-2024-6327 (CVSS score: 9.9), impacts Report Server version 2024 Q2 (10.1.24.514) and earlier. “In Progress Telerik Report Server versions prior to 2024 Q2 (10.1.24.709), […]
Hundreds of UEFI products from 10 vendors are susceptible to compromise due to a critical firmware supply-chain issue known as PKfail, which allows attackers to bypass Secure Boot and install malware. […]
Threat actors are chaining together ServiceNow flaws using publicly available exploits to breach government agencies and private firms in data theft attacks. […]
Phishing and fraud surges during any national news story. This time though, the activity is both more voluminous and more targeted.
Though IE was officially retired in June 2022, the vulnerability ramped up in January 2023 and has been going strong since.
Microsoft has released the optional KB5040527 preview cumulative update for Windows 11 23H2 and 22H2, which includes fixes for Windows Backup and upgrade failures. […]
How your organization can leverage the disruptive CrowdStrike update to become more resilient.
The U.S. State Department is offering a reward of up to $10 million for information that could lead to the identification or location of a North Korean military hacker. […]