A recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited by “several” ransomware groups to gain elevated permissions and deploy file-encrypting malware. The attacks involve the exploitation of CVE-2024-37085 (CVSS score: 6.8), an Active Directory integration authentication bypass that allows an attacker to obtain administrative access to the host. “A Go to […]
Author Archives: Onsite Computing, Inc.
A new version of the Android spyware ‘Mandrake’ has been found in five applications downloaded 32,000 times from Google Play, the platform’s official app store. […] Author: Bill Toulas
Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named “Specula,” released today by cybersecurity firm TrustedSec. […] Author: Sergiu Gatlan
Security researchers at Microsoft have discovered a vulnerability in VMware ESXi hypervisors that has been exploited by ransomware operators to gain full administrative access to a domain-joined hypervisor. The problem, identified as CVE-2024-37085, granted full admin privileges to members of a domain group, without proper validation. It has been used by several ransomware groups such […]
One threat actor claims to have already gathered email addresses and associated hashes from more than 110 remote IT management databases. Author: Jai Vijayan, Contributing Writer
Microsoft says that its initial estimate of 8.5 million PCs affected was only a subset of the affected number of machines in the crash. Author: Dark Reading Staff
Apple has released the iOS 18.1 Beta to developers, allowing them to test some of its upcoming AI-powered Apple Intelligence features before they are released for testing in the public previews. […] Author: Lawrence Abrams
