Cybersecurity researchers are calling attention to a series of cyber attacks targeting financial organizations across Africa since at least July 2023 using a mix of open-source and publicly available tools to maintain access. Palo Alto Networks Unit 42 is tracking the activity under the moniker CL-CRI-1014, where “CL” refers to “cluster” and “CRI” stands for […]
Author Archives: Onsite Computing, Inc.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added three security flaws, each impacting AMI MegaRAC, D-Link DIR-859 router, and Fortinet FortiOS, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2024-54085 (CVSS score: 10.0) – An authentication bypass by spoofing […]
Israel’s cyber pros are having to put theory into practice, as a notorious nation-state APT sponsored by Iran targets them with spear-phishing attacks. Go to Source Author: Nate Nelson, Contributing Writer
Popular messaging platform WhatsApp has added a new artificial intelligence (AI)-powered feature that leverages its in-house solution Meta AI to summarize unread messages in chats. The feature, called Message Summaries, is currently rolling out in the English language to users in the United States, with plans to bring it to other regions and languages later […]
A British national known online as “IntelBroker” has been charged by the U.S. for stealing and selling sensitive data from dozens of victims, causing an estimated $25 million in damages. […] Go to Source Author: Lawrence Abrams
Threat actors are abusing the ConnectWise ScreenConnect installer to build signed remote access malware by modifying hidden settings within the client’s Authenticode signature. […] Go to Source Author: Lawrence Abrams
Though rudimentary and largely non-functional, the wryly named “Skynet” binary could be a harbinger of things to come on the malware front. Go to Source Author: Jai Vijayan, Contributing Writer
A sophisticated malicious campaign that researchers call OneClik has been leveraging Microsoft’s ClickOnce software deployment tool and custom Golang backdoors to compromise organizations within the energy, oil, and gas sectors. […] Go to Source Author: Ionut Ilascu
A new wave of North Korea’s ‘Contagious Interview’ campaign is targeting job seekers with malicious npm packages that infect dev’s devices with infostealers and backdoors. […] Go to Source Author: Bill Toulas
A slew of vulnerabilities, including a critical CVSS 9.8 that enables an attacker to generate the default admin password, affect hundreds of printer, scanner, and label-maker models made by manufacturer Brother. Go to Source Author: Alexander Culafi, Senior News Writer, Dark Reading