1Password discloses security incident linked to Okta breach
1Password, a popular password management platform used by over 100,000 businesses, suffered a security incident after hackers gained access to...
News
University of Michigan employee, student data stolen in cyberattack
The University of Michigan says in a statement today that they suffered a data breach after hackers broke into its...
Palestine crypto donation scams emerge amid Israel-Hamas war
As thousands of civilians die amid the deadly Israel-Hamas war, scammers are capitalizing on the horrific events to collect donations...
US energy firm shares how Akira ransomware hacked its systems
In a rare display of transparency, US energy services firm BHI Energy details how the Akira ransomware operation breached their...
Cisco IOS XE Escalation of Privilege Vulnerability
A vulnerability was identified in Cisco IOS XE. A remote attacker could exploit this vulnerability to trigger elevation of privilege on the targeted system. Note: CVE-2023-20198...
Okta Breached Via Stolen Credential
Identity and access management (IAM) specialist Okta has found itself on the receiving end of another security breach after a...
Police Dismantle Ragnar Locker Ransomware Group
Global law enforcers have claimed another victory in the ongoing fight against ransomware, after seizing infrastructure and arresting a suspected...
QuasarRAT Deploys Advanced DLL Side-Loading Technique
A recent research report by Uptycs has highlighted the evolution of QuasarRAT, an open-source remote administration tool (RAT) known for...
ICC: September Breach Was Espionage Raid
The International Criminal Court (ICC) has revealed that a September cyber-attack on its IT systems was a highly targeted espionage...
US-CERT Vulnerability Summary for the Week of October 9, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info3ds -- teamwork_cloud_no_magic_releaseA Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from...
New TetrisPhantom hackers steal data from secure USB drives on govt systems
A new sophisticated threat tracked as ‘TetrisPhantom’ has been using compromised secure USB drives to target government systems in the...
Number of hacked Cisco IOS XE devices plummets from 50K to hundreds
The number of Cisco IOS XE devices hacked with a malicious backdoor implant has mysteriously plummeted from over 50,000 impacted...
US-CERT Vulnerability Summary for the Week of October 9, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info3ds -- teamwork_cloud_no_magic_releaseA Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from...
American Family Insurance confirms cyberattack is behind IT outages
Insurance giant American Family Insurance has confirmed it suffered a cyberattack and shut down portions of its IT systems after...
International Criminal Court systems breached for cyber espionage
The International Criminal Court provided additional information about the cyberattack five weeks ago, saying that it was a targeted operation...
The Week in Ransomware – October 20th 2023 – Fighting Back
This was a bad week for ransomware, with the Trigona ransomware suffering a data breach and law enforcement disrupting the...
US-CERT Vulnerability Summary for the Week of October 9, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info3ds -- teamwork_cloud_no_magic_releaseA Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from...
Fake Corsair job offers on LinkedIn push DarkGate malware
A threat actor is using fake LinkedIn posts and direct messages about a Facebook Ads specialist position at hardware maker Corsair...
Ragnar Locker ransomware developer arrested in France
Law enforcement agencies arrested a malware developer linked with the Ragnar Locker ransomware gang and seized the group's dark web...
Critical RCE flaws found in SolarWinds access audit solution
Security researchers found three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product that remote attackers could...
Okta says its support system was breached using stolen credentials
Update October 20, 16:15 EDT: Added BeyondTrust incident details. Update October 20, 18:59 EDT: Added Cloudflare incident details. Okta says attackers accessed...
Cisco discloses new IOS XE zero-day exploited to deploy malware implant
Cisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using...
Kwik Trip finally confirms cyberattack was behind ongoing outage
Two weeks into an ongoing IT outage, Kwik Trip finally confirmed that it's investigating a cyberattack impacting the convenience store...
Hacker Group GhostSec Unveils New Generation Ransomware Implant
Dark web watchdog SOCRadar has revealed that GhostSec, a self-described "vigilante" group that has recently turned to financially motivated cyber...
