Okta’s Support System Breach Exposes Customer Data to Unidentified Threat Actors
Identity services provider Okta on Friday disclosed a new security incident that allowed unidentified threat actors to leverage stolen credentials...
News
1Password Detects Suspicious Activity Following Okta Support Breach
Popular password management solution 1Password said it detected suspicious activity on its Okta instance on September 29 following the support...
Backdoor Implant on Hacked Cisco Devices Modified to Evade Detection
The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified...
DoNot Team’s New Firebird Backdoor Hits Pakistan and Afghanistan
The threat actor known as DoNot Team has been linked to the use of a novel .NET-based backdoor called Firebird...
Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar
The open-source remote access trojan known as Quasar RAT has been observed leveraging DLL side-loading to fly under the radar...
Who’s Experimenting with AI Tools in Your Organization?
With the record-setting growth of consumer-focused AI productivity tools like ChatGPT, artificial intelligence—formerly the realm of data science and engineering...
Hackers update Cisco IOS XE backdoor to hide infected devices
10/23/23 update added at the end explaining the cause of decreased detections. The number of Cisco IOS XE devices detected...
Cisco patches IOS XE zero-days used to hack over 50,000 devices
Cisco has addressed the two vulnerabilities (CVE-2023-20198 and CVE-2023-20273) that hackers exploited to compromise tens of thousands of IOS XE...
D.C. Board of Elections: Hackers may have breached entire voter roll
The District of Columbia Board of Elections (DCBOE) says that a threat actor who breached a web server operated by...
QNAP takes down server behind widespread brute-force attacks
QNAP took down a malicious server used in widespread brute-force attacks targeting Internet-exposed NAS (network-attached storage) devices with weak passwords....
Spain arrests 34 cybercriminals who stole data of 4 million people
The Spanish National Police have dismantled a cybercriminal organization that carried out a variety of computer scams to steal and...
City of Philadelphia discloses data breach after five months
The City of Philadelphia is investigating a data breach after attackers "may have gained access" to City email accounts containing...
Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately
Citrix warned admins today to secure all NetScaler ADC and Gateway appliances immediately against ongoing attacks exploiting the CVE-2023-4966 vulnerability....
1Password discloses security incident linked to Okta breach
1Password, a popular password management platform used by over 100,000 businesses, suffered a security incident after hackers gained access to...
University of Michigan employee, student data stolen in cyberattack
The University of Michigan says in a statement today that they suffered a data breach after hackers broke into its...
Palestine crypto donation scams emerge amid Israel-Hamas war
As thousands of civilians die amid the deadly Israel-Hamas war, scammers are capitalizing on the horrific events to collect donations...
US energy firm shares how Akira ransomware hacked its systems
In a rare display of transparency, US energy services firm BHI Energy details how the Akira ransomware operation breached their...
Cisco IOS XE Escalation of Privilege Vulnerability
A vulnerability was identified in Cisco IOS XE. A remote attacker could exploit this vulnerability to trigger elevation of privilege on the targeted system. Note: CVE-2023-20198...
Okta Breached Via Stolen Credential
Identity and access management (IAM) specialist Okta has found itself on the receiving end of another security breach after a...
Police Dismantle Ragnar Locker Ransomware Group
Global law enforcers have claimed another victory in the ongoing fight against ransomware, after seizing infrastructure and arresting a suspected...
QuasarRAT Deploys Advanced DLL Side-Loading Technique
A recent research report by Uptycs has highlighted the evolution of QuasarRAT, an open-source remote administration tool (RAT) known for...
ICC: September Breach Was Espionage Raid
The International Criminal Court (ICC) has revealed that a September cyber-attack on its IT systems was a highly targeted espionage...
US-CERT Vulnerability Summary for the Week of October 9, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info3ds -- teamwork_cloud_no_magic_releaseA Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from...
New TetrisPhantom hackers steal data from secure USB drives on govt systems
A new sophisticated threat tracked as ‘TetrisPhantom’ has been using compromised secure USB drives to target government systems in the...
