A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue base station (gNB). The attack, per the ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design (SUTD), relies on a new open-source software […]
Author Archives: Onsite Computing, Inc.
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of hackers exploiting an arbitrary code execution flaw in the Git distributed version control system. […] Go to Source Author: Bill Toulas
Discover how GDPR compliance can spark real growth and give you a competitive advantage with practical strategies and a strong security culture. […] Go to Source Author: Sponsored by Passwork
Until businesses begin to account for uncontrolled variables in their threat models, attackers will continue to exploit the weakest link in the chain. Go to Source Author: Gene Moody
Nissan Japan has confirmed to BleepingComputer that it suffered a data breach following unauthorized access to a server of one of its subsidiaries, Creative Box Inc. (CBI). […] Go to Source Author: Bill Toulas
Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that’s targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell. The activity has been codenamed ZipLine by Check Point Research. “Instead of sending unsolicited phishing emails, attackers initiate contact through a company’s public ‘Contact Us’ form, tricking Go to Source Author:
Cyber threats and attacks like ransomware continue to increase in volume and complexity with the endpoint typically being the most sought after and valued target. With the rapid expansion and adoption of AI, it is more critical than ever to ensure the endpoint is adequately secured by a platform capable of not just keeping pace, […]
A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA verification pages that employ the ClickFix social engineering tactic to deliver information stealers, ransomware, and cryptocurrency miners. The large-scale cybercrime campaign, first detected in August 2025, has been codenamed ShadowCaptcha by the Israel National Go […]
Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay screens to display extortion messages. “A prominent characteristic of the latest variant is its capacity to deploy a full-screen ransomware overlay, which aims to coerce the victim into remitting a ransom payment,” Zimperium zLabs researcher Vishnu Pratapagiri […]
Google has announced plans to begin verifying the identity of all developers who distribute apps on Android, even for those who distribute their software outside the Play Store. “Android will require all apps to be registered by verified developers in order to be installed by users on certified Android devices,” the company said. “This creates […]