Security Archives

Microsoft Edge now offers secure password deployment for businesses

Posted on June 12, 2025 by Onsite Computing, Inc.

Microsoft announced that a new Edge feature allowing employees to share passwords more securely in enterprise environments has reached general availability. […] Go to Source Author: Sergiu Gatlan

Continue reading →

GitLab patches high severity account takeover, missing auth issues

Posted on June 12, 2025 by Onsite Computing, Inc.

GitLab has released security updates to address multiple vulnerabilities in the company’s DevSecOps platform, including ones enabling attackers to take over accounts and inject malicious jobs in future pipelines. […] Go to Source Author: Sergiu Gatlan

Continue reading →

Security

Fog ransomware attack uses unusual mix of legitimate and open-source tools

Posted on June 12, 2025 by Onsite Computing, Inc.

Fog ransomware hackers are using an uncommon toolset, which includes open-source pentesting utilities and a legitimate employee monitoring software called Syteca. […] Go to Source Author: Bill Toulas

Continue reading →

Security

SmartAttack uses smartwatches to steal data from air-gapped systems

Posted on June 11, 2025 by Onsite Computing, Inc.

A new attack dubbed ‘SmartAttack’ uses smartwatches as a covert ultrasonic signal receiver to exfiltrate data from physically isolated (air-gapped) systems. […] Go to Source Author: Bill Toulas

Continue reading →

Business, Security

Erie Insurance confirms cyberattack behind business disruptions

Posted on June 11, 2025 by Onsite Computing, Inc.

Erie Insurance and Erie Indemnity Company have disclosed that a weekend cyberattack is behind the recent business disruptions and platform outages on its website. […] Go to Source Author: Lawrence Abrams

Continue reading →

Artificial Intelligence, Security

Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot

Posted on June 11, 2025 by Onsite Computing, Inc.

A new attack dubbed ‘EchoLeak’ is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive data from Microsoft 365 Copilot from a user’s context without interaction. […] Go to Source Author: Bill Toulas

Continue reading →

Security

Hackers exploited Windows WebDav zero-day to drop malware

Posted on June 11, 2025 by Onsite Computing, Inc.

An APT hacking group known as ‘Stealth Falcon’ exploited a Windows WebDav RCE vulnerability in zero-day attacks since March 2025 against defense and government organizations in Turkey, Qatar, Egypt, and Yemen. […] Go to Source Author: Bill Toulas

Continue reading →

Security

Brute-force attacks target Apache Tomcat management panels

Posted on June 11, 2025 by Onsite Computing, Inc.

A coordinated campaign of brute-force attacks using hundreds of unique IP addresses targets Apache Tomcat Manager interfaces exposed online. […] Go to Source Author: Sergiu Gatlan

Continue reading →

Legal, Security

Operation Secure disrupts global infostealer malware operations

Posted on June 11, 2025 by Onsite Computing, Inc.

An international law enforcement action codenamed “Operation Secure” targeted infostealer malware infrastructure in a massive crackdown across 26 countries, resulting in 32 arrests, data seizures, and server takedowns. […] Go to Source Author: Bill Toulas

Continue reading →

Security

DanaBot malware operators exposed via C2 bug added in 2022

Posted on June 10, 2025 by Onsite Computing, Inc.

A vulnerability in the DanaBot malware operation introduced in June 2022 update led to the identification, indictment, and dismantling of their operations in a recent law enforcement action. […] Go to Source Author: Bill Toulas

Continue reading →

Category Archives: Security

Microsoft, Security

Microsoft Edge now offers secure password deployment for businesses

Security

GitLab patches high severity account takeover, missing auth issues

Security

Fog ransomware attack uses unusual mix of legitimate and open-source tools

Security

SmartAttack uses smartwatches to steal data from air-gapped systems

Business, Security

Erie Insurance confirms cyberattack behind business disruptions

Artificial Intelligence, Security

Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot

Security

Hackers exploited Windows WebDav zero-day to drop malware

Security

Brute-force attacks target Apache Tomcat management panels

Legal, Security

Operation Secure disrupts global infostealer malware operations

Security

DanaBot malware operators exposed via C2 bug added in 2022