The Hacker News
How Hackers Phish for Your Users' Credentials and Sell Them
Did you know that a single stolen credential can jeopardize your entire network? Protect your organization against sophisticated phishing attacks. Lea
The Hacker News
Stop Identity Attacks: Discover the Key to Early Threat Detection
Account takeover: the new favorite tool for hackers. Discover the latest strategies in identity protection and why traditional methods might not be en
CSO
9 in 10 organizations have embraced zero-trust security globally
Nearly all of them still have a long way to go according to a new Cisco report.
DarkReading
Scattered Spider Hops Nimbly from Cloud to On-Prem in Complex Attack
The actor behind the high-profile MGM incident jumps across segmentations in under an hour, in a ransomware attack spanning Okta, Citrix, Azure, SharePoint, and more.
SecurityWeek
Windows Hello Fingerprint Authentication Bypassed on Popular Laptops
Researchers have tested the fingerprint sensors used for Windows Hello on three popular laptops and managed to bypass them.
Infosecurity News
LockBit Affiliates Exploiting Citrix Bleed, Government Agencies Warn
Multiple threat actor groups are found to be exploiting a vulnerability in Citrix NetScaler gateway appliances, government agencies have warned
SecurityWeek
Citrix, Gov Agencies Issue Fresh Warnings on CitrixBleed Vulnerability
Administrators are urged to patch the recent CitrixBleed NetScaler vulnerability as LockBit starts exploiting it.
Latest Hacking News
Canada Government Admits Data Breach Impacting Public Employees
The Government of Canada recently admitted suffering a security breach that impacted data of current and former public employees. The incident even affected the staff from the Royal Canadian Mounted Police and Canadian Armed Forces. Canada
CSO
Flaw in Citrix software led to the recent cyberattack on Boeing: Report
Malicious elements, including LockBit 3.0, managed to exploit vulnerabilities in Citrix software even after they were fixed.
The Hacker News
LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In
LockBit ransomware affiliates are exploiting the Citrix NetScaler flaw ("Citrix Bleed") to hijack user sessions and gain unauthorized access.
Cyber Security News
CISA Releases Cyber Attack Mitigation for Healthcare Organizations
CISA has released a Cyber Attack Mitigation Guide specifically tailored for the Healthcare and Public Health (HPH) Sector.
Infosecurity News
US Cybersecurity Lab Suffers Major Data Breach
Idaho National Laboratory is also a center for nuclear research
The Record
‘Citrix Bleed’ vulnerability targeted by nation-state and criminal hackers: CISA
The bug has caused alarm for weeks as cybersecurity experts warned that many government agencies and major companies were leaving their appliances exposed to the internet — opening themselves up to attacks.
Bleeping Computer
How to boost Security with Self-Service Password Resets
Learn more from Specops Software about the benefits of self-service password resets and ways to accomplish this with on-premises Active Directory.
The Hacker News
Product Walkthrough: Silverfort's Unified Identity Protection Platform
Silverfort's Unified Identity Protection Platform: A game-changer in cybersecurity. Discover how it protects organizations from identity-based attacks
DarkReading
Scattered Spider Casino Hackers Evade Arrest in Plain Sight
The feds seem to know all about the hacking group brazenly breaking into corporate networks; so why are enterprise teams left on their own to stop their cybercrimes?
SecurityWeek
FCC Tightens Telco Rules to Combat SIM-Swapping
With cyberattacks rising, new FCC rules will require wireless carriers to notify customers of any SIM transfer requests
Cyber Security News
FBI Shares Tactics & Techniques Used by Scattered Spider Hacker Group
Recently, the FBI and CISA issued a joint Cybersecurity Advisory (CSA) on Scattered Spider threat actors targeting commercial facilities.
CyberSecurity Dive
Threat actors behind Las Vegas casino attacks are social-engineering mavens
Scattered Spider threat actors are attacking large companies and their IT help desks to steal data for extortion, according to federal cyber authorities.
Infosecurity News
FBI Lifts the Lid on Notorious Scattered Spider Group
Security advisory details TTPs of prolific threat actors
The Hacker News
U.S. Cybersecurity Agencies Warn of Scattered Spider's Gen Z Cybercrime Ecosystem
U.S. agencies warn about Scattered Spider cybercriminals using advanced phishing to steal data and extort victims.
The Record
CISA, FBI warn of Scattered Spider expertise with social engineering, SIM swapping
The leading cybersecurity officials in the U.S. published a stark warning on Thursday about a group of hackers who have disrupted some of the largest companies in the country through social engineering and other tactics.
Bleeping Computer
FBI shares tactics of notorious Scattered Spider hacker collective
The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency released an advisory about the evasive threat actor tracked as Scattered Spider, a loosely knit hacking collective that now collaborates with the ALPHV/BlackCat Russian ransomware operation..
The Hacker News
Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks
Novel attack methods targeting Google Workspace & Cloud Platform could enable ransomware and data breaches.
Cyber Security News
Best Network Security Vendors for SaaS - 2024
Best Network Security Vendors for SaaS : 1. Perimeter 81 2. Palo Alto Networks 3. Fortinet 4. Symantec 5. Check Point 6. McAfee 7. Okta.
Bleeping Computer
FBI and CISA warn of opportunistic Rhysida ransomware attacks
The FBI and CISA warned today of Rhysida ransomware gang's opportunistic attacks targeting organizations across multiple industry sectors.
CyberNews
Ohio city severely disrupted by ransomware attack
Huber Heights and Bladen County fell victim to disruptive cyberattacks.
Bleeping Computer
LockBit ransomware exploits Citrix Bleed in attacks, 10K servers exposed
The Lockbit ransomware attacks use publicly available exploits for the Citrix Bleed vulnerability (CVE-2023-4966) to breach the systems of large organizations, steal data, and encrypt files.
The Hacker News
CI/CD Risks: Protecting Your Software Development Pipelines
Malicious actors are exploiting Dependabot's trust. Learn how to protect your CI/CD pipelines and software supply chain.
The Hacker News
Top 5 Marketing Tech SaaS Security Challenges
Don't leave your marketing data exposed. Discover the top challenges in securing SaaS applications used by marketing teams.
Infosecurity News
Malaysian Police Dismantle “BulletProftLink” Phishing Operation
Several arrested and servers seized
Cyber Security News
Best Security Solutions for Marketers - 2024
Best security solutions for Marketers: 1. Perimeter 81 2. Surfshark3. Private Internet Access 4. Malwarebytes 5. CyberGhost 6. GoodAccess
Bleeping Computer
The Rise of Ransomware in Healthcare: What IT Leaders Need to Know
Ransomware attacks are rapidly becoming the weapon of choice, making up over half of all attacks in the healthcare industry. Learn more from Specops Software on securing your organization from these attacks.
CyberNews
Be careful what you scan: QR scams increase by 51%
Threat actors are using malicious QR codes to steal valuable data and money. Experts say it’s still difficult to detect and mitigate the threats spread by this method.
Latest Hacking News
Microsoft Authenticator Restricts Suspicious MFA Notifications
The Redmond giant has recently announced introducing a new privacy feature to its authenticator app. With this feature, Microsoft Authenticator app now blocks suspicious multi-factor authentication notifications to prevent potential abuse. Microsoft Authenticator App Blocks Suspicious
Trend Micro
Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting
We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies.
Infosecurity News
FBI Warns of Emerging Ransomware Initial Access Techniques
The FBI notification advises how to protect against the growing targeting of third-party vendors and services
Computerworld
Windows Hello for Business: Passwordless authentication for Windows shops
Microsoft has brought biometric sign-in to Windows 10 business and enterprise users with Windows Hello for Business. Here’s how it works and how to deploy it to your users.
Bleeping Computer
Microsoft Authenticator now blocks suspicious MFA alerts by default
Microsoft has introduced a new protective feature in the Authenticator app to block notifications that appear suspicious based on specific checks performed during the account login stage.
Bleeping Computer
Microsoft will roll out MFA-enforcing policies for admin portal access
Microsoft will roll out Conditional Access policies requiring multifactor authentication from administrators when signing into Microsoft admin portals such as Microsoft Entra, Microsoft 365, Exchange, and Azure.
Cyber Security News
The Ultimate SaaS Security Admin Guide - 2024
SaaS Security Admin Guide: 1. Encryption 2. Backup and Recovery 3. Data Residency 4. Regular Audits 5. Data Privacy 6. Least Privileges.
Ars Technica
No, Okta, senior management, not an errant employee, caused you to get hacked
If a transgression by a single employee breaches your network, you're doing it wrong.
CSO
Microsoft pledges cybersecurity overhaul to protect products and services
Microsoft launches the Secure Future Initiative to usher in “next generation” of cybersecurity to better protect customers against escalating cybersecurity threats.
Bleeping Computer
Okta data breach exposed personal information of employees
Okta is warning nearly 5,000 current and former employees that their personal information was exposed after a third-party vendor was breached.
Bleeping Computer
Okta hit by third-party data breach exposing employee information
Okta is warning nearly 5,000 current and former employees that their personal information was exposed after a third-party vendor was breached.
Bleeping Computer
Your end-users are reusing passwords – that’s a big problem
Password reuse is a difficult vulnerability for IT teams to get full visibility over. Learn more from Specops Software on how to mitigate the risk of compromised credentials.
Cyber Security News
Securing Your SaaS: Best Practices and Proven Strategies
Protecting cloud-based apps and the data they manage is the primary goal of Software as a Service (SaaS) security.
The Hacker News
SaaS Security is Now Accessible and Affordable to All
Worried about shadow IT and SaaS security? Wing Security's "Essential SSPM" offers a solution. Discover, Assess, Control.
Bleeping Computer
Hackers use Citrix Bleed flaw in attacks on govt networks worldwide
Threat actors are leveraging the 'Citrix Bleed' vulnerability, tracked as CVE-2023-4966, to target government, technical, and legal organizations in the Americas, Europe, Africa, and the Asia-Pacific region.
Bleeping Computer
LayerX Enterprise Browser Security Extension – Secure the Modern Workspace
LayerX has developed a secure enterprise browser extension that delivers comprehensive visibility, monitoring, and granular policy enforcement on every event within a browsing session. Learn more about this cybersecurity platform from LayerxSecurity.
The Hacker News
Hands on Review: LayerX's Enterprise Browser Security Extension
Protect your organization's most critical interface—The Browser! LayerX's secure extension offers comprehensive visibility and policy enforcement, de
SecurityWeek
Extending ZTNA to Protect Against Insider Threats
Overcoming the failures and challenges of Zero Trust Network Access (ZTNA) for in-office and remote users
Ars Technica
“This vulnerability is now under mass exploitation.” Citrix Bleed bug bites hard
By some estimates, 20,000 devices have already been hacked.
Ars Technica
Microsoft profiles new threat group with unusual but effective practices
Octo Tempest employs tactics that many of its targets aren't prepared for.
Bleeping Computer
Microsoft: Octo Tempest one of the most dangerous financial hacking groups
Microsoft has published a detailed profile of a native English-speaking threat actor with advanced social engineering capabilities it tracks as Octo Tempest, that targets companies in data extortion and ransomware attacks.
Bleeping Computer
Microsoft: Octo Tempest is one of the most dangerous financial hacking groups
Microsoft has published a detailed profile of a native English-speaking threat actor with advanced social engineering capabilities it tracks as Octo Tempest, that targets companies in data extortion and ransomware attacks.
Infosecurity News
CISO Best Practices for Managing Cyber Risk
Two leading CISOs provide best practice tips for CISOs on undertaking a sustainable cyber risk management program
The Hacker News
Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware
New research reveals how the zero-day financial criminal group Scattered Spider leverages sophisticated phishing, SIM swapping, and help desk fraud ta
The Record
MGM Resorts hackers 'one of the most dangerous financial criminal groups’
Octo Tempest, a hacking group also known as Scattered Spider, has been in the limelight since its attack on MGM Resorts left parts of Las Vegas paralyzed for days and cost the casino giant an estimated $100 million.
Infosecurity News
Seiko “BlackCat” Data Breach: 60,000 Records on the Line
The breach exposed Seiko Watch Corporation customer, employment and personnel information
The Hacker News
The Rise of S3 Ransomware: How to Identify and Combat It
The Rise of S3 Ransomware: How to Identify and Combat It | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities.
Infosecurity News
Small Businesses Suffer Record Number of Cyber-Attacks
Most claim to be ready to respond to an incident
The Hacker News
1Password Detects Suspicious Activity Following Okta Support Breach
1password detected suspicious activity following the Okta support system breach. After investigation, they determined no user data was accessed.
CSO
Okta support system breach highlights need for strong MFA policies
Breach was detected and blocked before it granted access to attackers due to the enforcement of multifactor authentication.
Bleeping Computer
1Password discloses security incident linked to Okta breach
1Password, a popular password management platform used by over 100,000 businesses, suffered a security breach after hackers gained access to its Okta ID management tenant.
SecurityWeek
Okta Support System Hacked, Sensitive Customer Data Stolen
Okta warns that hackers broke into its support case management system and stole sensitive data that can be used to impersonate valid users.
-1.webp)
Cyber Security News
U.S. Government Releases Popular Phishing Technique Used by Hackers
Phishing is a cyberattack that uses deception to trick people into giving away sensitive information or taking actions that compromise security.
SecurityWeek
US Government Releases Anti-Phishing Guidance
CISA, NSA, FBI, and MS-ISAC have released guidance and prevention recommendations on common phishing techniques.
CSO
Most organizations globally have implemented zero trust
Zero-trust adoption is growing according to a recent report from Okta that found 61% of organizations have already implemented a zero-trust initiative.
Bleeping Computer
Single Sign On and the Cybercrime Ecosystem
One of the trends driving an increase is the compromise of enterprise single sign on (SSO) applications are info-stealer malware attacks. Learn more from Flare about this cybercrime ecosystem.
SecurityWeek
Lost and Stolen Devices: A Gateway to Data Breaches and Leaks
Strategies to prevent lost and stolen computers from contributing to data breaches and leaks.
Cyber Security News
CISA, FBI Warns of Critical Atlassian Zero-Day Flaw Under Active Attack
A serious security flaw in some versions of Atlassian Confluence Data Center and Server has been exploited by hackers.
Infosecurity News
Rising AI-Fueled Phishing Drives Demand for Password Alternatives
FIDO Alliance’s Online Authentication Barometer showed that AI-powered phishing is prompting users to switch passwords for MFA
Infosecurity News
Growing Concern Over Role of Hacktivism in Israel-Hamas Conflict
Hacktivists claim DDoS attacks against Israeli websites as cybersecurity experts urge caution in believing these cyber-criminals’ claims
CyberSecurity Dive
CISA’s top 10 misconfigurations reveal ‘systemic weaknesses’
Common mistakes including poor credential management, weak MFA and lackluster patching continue to harm large enterprises.
-1.webp)
Cyber Security News
Hackers Abusing Skype and Teams to Deliver the DarkGate Malware
o spread the DarkGate malware to the targeted businesses, hackers utilized the Teams and Skype messaging platforms.
Bleeping Computer
Steam enforces SMS verification to curb malware-ridden updates
Valve has announced implementing additional security measures for developers publishing games on Steam, including SMS-based confirmation codes. This is to deal with a recent outbreak of malicious updates pushing malware from compromised publisher accounts.
The Hacker News
Ransomware attacks doubled year on year. Are organizations equipped to handle the evolution of Ransomware in 2023?
Ransomware attacks have evolved in Q3-2023, employing new techniques to bypass defenses. Discover the strategies ransomware groups have been adopting.
Bleeping Computer
FBI shares AvosLocker ransomware technical details, defense tips
The U.S. government has updated the list of tools AvosLocker ransomware affiliates use in attacks to include open-source utilities along with custom PowerShell, and batch scripts.
Bleeping Computer
Shadow PC warns of data breach as hacker tries to sell gamers' info
Shadow PC, a provider of high-end cloud computing services, is warning customers of a data breach that exposed customers' private information, as a threat actor claims to be selling the stolen data for over 500,000 customers.
Trend Micro
DarkGate Opens Organizations for Attack via Skype, Teams
We detail an ongoing campaign abusing messaging platforms Skype and Teams to distribute the DarkGate malware to targeted organizations. We also discovered that once DarkGate is installed on the victim’s system, additional payloads were introduced to the environment.
The Hacker News
Take an Offensive Approach to Password Security by Continuously Monitoring for Breached Passwords
Protecting your organization starts with strong passwords. Learn why password reuse is a serious threat and how to combat it effectively.
-1-1.webp)
Cyber Security News
Top 10 Best SaaS Security Tools
Top 10 Best SaaS Security Tools. 1. DoControl, 2. Splunk, 3. Zscaler, 4. Qualys, 5. Proofpoint, 6. Veracode, 7. Okta, 8. Trend Micro.
Infosecurity News
#CyberMonth: Google Makes Passkeys Default Sign-In Option
The tech giant said the move is designed to help efforts to make passwords obsolete
Cyber Security News
ChatGPT, FraudGPT, and WormGPT Plays A Vital Role in Social Engineering Attacks
In cybersecurity's evolution, generative AI models like ChatGPT, FraudGPT, and WormGPT bring innovation and new challenges.
DarkReading
'Looney Tunables' Linux Flaw Sees Snowballing Proof-of-Concept Exploits
Following the publication of the critical Linux security vulnerability, security specialists released PoC exploits to test the implications of CVE-2023-4911.
Infosecurity News
DNA Tester 23andMe Hit By Credential Stuffing Campaign
Threat actor offers to sell DNA profiles of ‘millions’
Latest Hacking News
EvilProxy Phishing Targets Microsoft 365 Accounts Via Indeed.com Redirects
Researchers have found a new EvilProxy phishing campaign that targets Microsoft 365 accounts. To trick users, the threat actors exploit the open redirects from Indeed.com website. Users need to remain vigilant with interacting with job
SecurityWeek
Microsoft Releases New Report on Cybercrime, State-Sponsored Cyber Operations
US, Ukraine, and Israel remain the most heavily attacked by cyberespionage and cybercrime threat actors, Microsoft says.
Infosecurity News
AWS Mandates Multi-Factor Authentication from 2024
Move is designed to mitigate risk of account takeover
SecurityWeek
In Other News: Funding Increase, Abuse of Smartphone Location Data, Legal Matters
Noteworthy stories that might have slipped under the radar: cybersecurity funding increases and illegal use of smartphone location data.
SecurityWeek
Organizations Warned of Top 10 Cybersecurity Misconfigurations Seen by CISA, NSA
CISA and the NSA are urging network defenders and software developers to address the top ten cybersecurity misconfigurations.
Infosecurity News
CISA and NSA Publish Top 10 Misconfigurations
Data was compiled from real-world read and blue team engagements
The Hacker News
GitHub's Secret Scanning Feature Now Covers AWS, Microsoft, Google, and Slack
GitHub's secret scanning just got even better! Now supporting AWS, Microsoft, Google, and Slack tokens, ensuring your code's safety.
Bleeping Computer
NSA and CISA reveal top 10 cybersecurity misconfigurations
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) revealed today the top ten most common cybersecurity misconfigurations discovered by their red and blue teams in the networks of large organizations.
Bleeping Computer
Amazon to make MFA mandatory for 'root' AWS accounts by mid-2024
Amazon will require all privileged AWS (Amazon Web Services) accounts to use multi-factor authentication (MFA) for stronger protection against account hijacks leading to data breaches, starting in mid-2024.
Infosecurity News
CISA and NSA Tackle IAM Security Challenges in New Report
The document is authored by the Enduring Security Framework (ESF)
Cyber Security News
Top 10 SaaS Security Risks and How to Mitigate Them
Top 10 SaaS Security Risks and How to Mitigate Them. 1. Data Breaches, 2. Account Hijacking, 3. Lack of Identity and Access Management (IAM).
SecurityWeek
CISA, NSA Publish Guidance on IAM Challenges for Developers, Vendors
New US government guidance details the challenges that application developers and vendors face in identity and access management (IAM).
Infosecurity News
Record Numbers of Ransomware Victims Named on Leak Sites
A new Secureworks report finds that 2023 is on course to be the biggest year on record for victim naming on ‘name and shame’ sites
Cyber Security News
EvilProxy Attacking Microsoft 365 Users Abusing Open Redirection With Indeed.com
This campaign, which started in July and continued into August, employed a sophisticated phishing kit known as 'EvilProxy.'
Bleeping Computer
Researchers warn of 100,000 industrial control systems exposed online
About 100,000 industrial control systems (ICS) were found on the public web, exposed to attackers probing them for vulnerabilities and at risk of unauthorized access. Among them are power grids, traffic light systems, security and water systems.
Infosecurity News
EvilProxy Phishing Attack Strikes Indeed, Targets Executives
Menlo Labs brought this discovery to light in an advisory published on Tuesday
CyberSecurity Dive
AWS kicks off cloud race to mandate MFA by default
The cloud giant will start requiring users with the highest level of privileges to use MFA starting in mid-2024. Google, in response, said it will mandate MFA for certain accounts this year.
SecurityWeek
US Executives Targeted in Phishing Attacks Exploiting Flaw in Indeed Job Platform
An open redirection vulnerability in the popular job search platform Indeed has been exploited in a series of phishing attacks.
Bleeping Computer
EvilProxy uses indeed.com open redirect for Microsoft 365 phishing
A recently uncovered phishing campaign is targeting Microsoft 365 accounts of key executives in U.S.-based organizations by abusing open redirects from the Indeed employment website for job listings.
Infosecurity News
FBI Warns of Dual Ransomware Attacks and Data Destruction Trends
Hackers are deploying different ransomware variants, including AvosLocker and Hive, among others
The Hacker News
LUCR-3: Scattered Spider Getting SaaS-y in the Cloud
🚨Beware of LUCR-3 (aka Scattered Spider) – a threat actor targeting Fortune 2000 companies for extortion.
Cyber Security News
What is Origin Server? How To Protect them? A Detailed Guide
Origin servers are critical in the web ecosystem by managing incoming requests and delivering website content to users. Whenever a user accesses a webpage, a request is initiated to the origin server to fetch the required content.
DarkReading
QR Code 101: What the Threats Look Like
Because QR codes can be used for phishing as easily as an email or text can, organizations must remain vigilant when dealing with them.
Bleeping Computer
FBI: Dual ransomware attack victims now get hit within 48 hours
The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims' networks to encrypt systems in under two days.
CyberSecurity Dive
CISA rolls dice on public service campaign to raise cyber awareness
The agency is hoping to get families and small businesses to adopt MFA, use stronger passwords and recognize phishing attacks.
Bleeping Computer
Can we fix the weaknesses in password-based authentication?
There are inherent weaknesses to password-based authentication. Learn more from Specops Software on measures we can enforce to minimize these weaknesses and prevent corporate breaches.
The Hacker News
Xenomorph Banking Trojan: A New Variant Targeting 35+ U.S. Financial Institutions
A new variant of the Xenomorph Banking Trojan has been uncovered, targeting 35+ U.S. financial institutions.
Bleeping Computer
Xenomorph Android malware now targets U.S. banks and crypto wallets
Security researchers discovered a new campaign that distributes a new version of the Xenomorph malware to Android users in the United States, Canada, Spain, Italy, Portugal, and Belgium.
CyberSecurity Dive
Guard against SMS phishing in your organization
How to Guard Against SMS Phishing In Your Organization with Secure Service Desk Verification.
DarkReading
Akira Ransomware Mutates to Target Linux Systems, Adds TTPs
The newly emerged ransomware actively targets both Windows and Linux systems with a double-extortion approach.
SecurityWeek
Navigating the Digital Frontier in Cybersecurity Awareness Month 2023
Zero Trust Network Access (ZTNA) solutions help minimize attack surfaces while ensuring productivity and security of remote workers
Cyber Security News
Top 10 Best Data Loss Prevention Software - 2023
Best Data Loss Prevention Software: 1. DoControl 2. Check Point 3. Forcepoint 4. Code42 5. Digital Guardian 6. Trellix 7. Proofpoint.
Latest Hacking News
Google Authenticator Flaw Inadvertently Facilitated $15 Million Theft
Recently, a cryptocurrency firm, Fortress Trust, disclosed a theft of $15 million following a cyber attack. Investigating the matter revealed a design flaw in Google Authenticator that led to a series of incidents across multiple
Cyber Security News
Best Software Defined Perimeter (SDP) Tools in 2023
Best Software Define Perimeter Tools & Software : 1. Perimeter 81 SDP 2. Good Access 3. Twingate SDP 4. NetMotion SDP 5. Appgate SDP and more.
The Hacker News
Think Your MFA and PAM Solutions Protect You? Think Again
Identity attacks are on the rise! Are your MFA and PAM solutions truly protecting your organization? New report reveals critical protection gaps.
CyberSecurity Dive
Security has an underlying defect: passwords and authentication
Cyberattacks are fueled by the shortcomings of business authentication controls. Bad things happen when access falls apart and credentials land in the wrong hands.
The Hacker News
Retool Falls Victim to SMS-Based Phishing Attack Affecting 27 Cloud Clients
Software company Retool suffered a breach with 27 customer accounts hacked after an SMS-based attack. Google Account sync blamed for the breach, turni
The Hacker News
Financially Motivated UNC3944 Threat Actor Shifts Focus to Ransomware Attacks
UNC3944 threat actor now turns to ransomware attacks, targeting critical systems. Understand their tactics, and learn how to protect your organization
The Record
‘Scattered Spider’ group launches ransomware attacks while expanding targets in hospitality, retail
Hackers connected to a group known to researchers by names like "Scattered Spider," "0ktapus," and UNC3944 have moved beyond targeting telecommunication firms and tech companies into attacks on hospitality, retail, media and financial services.
Cyber Security News
Threat and Vulnerability Roundup For The Week Of 10th to September 16th
This week's Threat and Vulnerability Roundup from Cyber Writes brings you the most recent cybersecurity news.
Bleeping Computer
Retool blames breach on Google Authenticator MFA cloud sync feature
Software company Retool says the accounts of 27 cloud customers were compromised following a targeted and multi-stage social engineering attack.
Ars Technica
How Google Authenticator made one company’s network breach much, much worse
Google's app for generating MFA codes syncs to user accounts by default. Who knew?
DarkReading
Microsoft: 'Peach Sandstorm' Cyberattacks Target Defense, Pharmaceutical Orgs
For months, the Iran-backed APT has carried out waves of password spray attacks attempting to authenticate to thousands of environments across multiple targets worldwide.
SecurityWeek
MGM Hackers Broadening Targets, Monetization Strategies
The financially motivated UNC3944 group that hacked MGM has hit at least 100 organizations, mainly in the US and Canada.
CyberSecurity Dive
Threat actors claim to have compromised MGM Resorts’ Okta environment
AlphV may have used tactics similar to social engineering attacks disclosed by Okta in regulatory filing.
Cyber Security News
UNC3944 Hackers Acquire Corporate Logins Using SMS Phishing And Support Desk Calls
UNC3944 has frequently employed phone-based social engineering and SMS phishing attacks to gain credentials and escalate access to target organizations.
SecurityWeek
Google Feature Blamed for Retool Breach That Led to Cryptocurrency Firm Hacks
A recently introduced Google account sync feature has been blamed after sophisticated hackers attacked 27 cryptocurrency firms via Retool.
Bleeping Computer
MGM Resorts ESXi servers allegedly encrypted in ransomware attack
An affiliate of the BlackCat ransomware group, also known as APLHV, is behind the attack that disrupted MGM Resorts' operations, forcing the company to shut down IT systems.
Bleeping Computer
MGM casino's ESXi servers allegedly encrypted in ransomware attack
An affiliate of the BlackCat ransomware group, also known as APLHV, is behind the attack that disrupted MGM Resorts' operations, forcing the company to shut down IT systems.
CyberSecurity Dive
MGM Resorts disruption linked to recent attacks against hospitality industry
Security researchers link the threat group Scattered Spider to a wave of malicious activity as Caesars Entertainment confirms social engineering attack in regulatory filing.
SecurityWeek
AuthMind Scores $8.5M Seed Funding for ITDR Tech
Maryland startup scores $8.5 million in seed-stage funding to compete in the Identity Threat Detection and Response (ITDR) category.
The Hacker News
Microsoft Warns of New Phishing Campaign Targeting Corporations via Teams Messages
Microsoft sounds the alarm on Storm-0324's tactics, luring its prey through Teams messages to breach corporate networks.
The Hacker News
Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability
Adobe's September 2023 update addresses a new zero-day vulnerability (CVE-2023-26369) in Acrobat and Reader that attackers are exploiting in the wild.
The Hacker News
Mozilla Rushes to Patch WebP Critical Zero-Day Exploit in Firefox and Thunderbird
Mozilla is also rushing to fix a zero-day vulnerability (CVE-2023-4863) that is actively exploited in browsers.
Bleeping Computer
Ransomware access broker steals accounts via Microsoft Teams phishing
Microsoft says an initial access broker known for working with ransomware groups has recently switched to Microsoft Teams phishing attacks to breach corporate networks.
The Hacker News
Chinese Redfly Group Compromised a Nation's Critical Grid in 6-Month ShadowPad Campaign
Redfly's espionage operation exposed! For 6 months, they compromised an Asian national grid, stealing credentials and infiltrating computers.
The Hacker News
Sophisticated Phishing Campaign Deploying Agent Tesla, OriginBotnet, and RedLine Clipper
💻🔒 Beware of the latest phishing attack! Attackers are using Microsoft Word docs to spread malware like Agent Tesla, OriginBotnet, and RedLine.
The Hacker News
Beware: MetaStealer Malware Targets Apple macOS in Recent Attacks
Beware, Mac users! MetaStealer, a new info-stealer malware, is targeting macOS. Learn how it's posing as prospective clients to trick victims into lau
The Hacker News
Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now
Google releases patch for a new Chrome zero-day vulnerability (CVE-2023-4863) that's being exploited in the wild.
The Hacker News
Vietnamese Hackers Deploy Python-Based Stealer via Facebook Messenger
Beware of the latest Facebook Messenger phishing attack! Attackers are taking over accounts through malicious attachments.
The Hacker News
Charming Kiten's New Backdoor 'Sponsor' Targets Brazil, Israel, and U.A.E.
Charming Kitten strikes again! Latest report reveals their campaign using 'Sponsor' backdoor, targeting Brazil, Israel, and U.A.E.
The Hacker News
Google Chrome Rolls Out Support for 'Privacy Sandbox' to Bid Farewell to Tracking Cookies
Google rolls out Privacy Sandbox for Chrome, boosting privacy while maintaining access to your favorite content.
Cyber Security News
Akira Ransomware Attacks Exploit Zero-Day Cisco ASA Vulnerability
In recent developments, reports have surfaced regarding the Akira ransomware threat actors targeting Cisco VPNs lacking multi-factor authentication (MFA).
The Hacker News
Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows
"Steal-It" campaign targets Windows systems in Australia, Poland, and Belgium. Learn how attackers use PowerShell scripts to steal NTLMv2 hashes.
The Hacker News
New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World
HijackLoader, a new stealthy malware loader, is making waves in the cybercriminal world. Learn how it delivers dangerous payloads and evades security
The Hacker News
Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play
Beware of impostor apps in the Google Play Store. Fake Telegram apps have been stealing data from millions of Android users.
The Hacker News
Cybercriminals Weaponizing Legitimate Advanced Installer Tool in Crypto-Mining Attacks
Discover how cybercriminals are abusing Advanced Installer, a popular software installation packaging tool, to deploy cryptocurrency mining malware.
Ars Technica
Ransomware crooks exploit unpatched 0-day in Cisco security appliances
With no patch available yet, users must enable workarounds. The best: enforce MFA.
The Hacker News
U.K. and U.S. Sanction 11 Russia-based Trickbot Cybercrime Gang Members
U.S. and U.K. governments have jointly imposed sanctions on 11 individuals connected to the Russia-based TrickBot cybercrime group.
Bleeping Computer
Cisco warns of VPN zero-day exploited by ransomware gangs
Cisco is warning of a zero-day vulnerability in its Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) that is actively exploited by ransomware operations to gain initial access to corporate networks.
The Hacker News
Cisco Issues Urgent Fix for Authentication Bypass Bug Affecting BroadWorks Platform
Cisco takes action against critical security flaw, while Juniper Networks and Tenda Modem Router also face vulnerabilities in BroadWorks platform.
The Hacker News
North Korean Hackers Exploit Zero-Day Bug to Target Cybersecurity Researchers
North Korean hackers using fake social media accounts and exploiting zero-day bugs to compromise cybersecurity researchers.
The Hacker News
CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities
CISA Warns of Nation-State Cyber Threats. Numerous actors leveraging vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho.
The Hacker News
Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones
🚨 Urgent Spyware Alert! Apple patched 2 new zero-day vulnerabilities in iOS, iPadOS, and macOS devices.
The Hacker News
Mac Users Beware: Malvertising Campaign Spreads Atomic Stealer macOS Malware
Beware of the latest macOS threat! A new malvertising campaign is actively spreading Atomic Stealer malware, targeting gamers and crypto users.
Cyber Security News
Check Point to Acquire SaaS Vendor Atmosec
Check Point Software Technologies Ltd. (NASDAQ: CHKP), a global leader in cybersecurity solutions, has revealed its strategic move to acquire Atmosec.
The Hacker News
Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks
Apache SuperSet users, beware! A critical update has been released to patch two new vulnerabilities (CVE-2023-39265 & CVE-2023-37941).
CyberSecurity Dive
BEC phishing kit hits thousands of Microsoft 365 business accounts
Threat actors used the W3LL phishing kit to target more than 56,000 accounts, ultimately compromising 14% of them since last October, Group-IB found.
The Hacker News
Mirai Botnet Variant 'Pandora' Hijacks Android TVs for Cyberattacks
A new Mirai botnet variant named Pandora is compromising Android-based TV sets, transforming them into DDoS attack bots.
The Hacker News
Outlook Breach: Microsoft Reveals How a Crash Dump Led to a Major Security Breach
Microsoft reveals how China-based threat group Storm-0558 compromised an engineer's corporate account that led to the theft of an Outlook signing key.
DarkReading
W3LL Gang Compromises Thousands of Microsoft 365 Accounts
A secretive phishing cabal boasts a sophisticated affiliate network and a modular, custom toolset that's claiming victims on three continents.
CSO
Proofpoint unveils new features to break cyberattack chain
The solutions target the most critical stages of a cyberattack to tackle business email compromise, ransomware, and data exfiltration.
The Hacker News
Zero-Day Alert: Latest Android Patch Update Includes Fix for Newly Actively Exploited Flaw
Google's latest patch addresses a high-severity vulnerability in the Android Framework (CVE-2023-35674).
The Hacker News
Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant
Iranian hackers deploying SideTwist backdoor in fresh phishing attack. Separate campaign features new variant of Agent Tesla
CyberSecurity Dive
Okta customers’ IT staff duped by MFA reset swindle
IT workers at four organizations using Okta were successfully hit by a consistent pattern of social engineering attacks.
Bleeping Computer
W3LL phishing kit hijacks thousands of Microsoft 365 accounts, bypasses MFA
A threat actor known as W3LL developed a phishing kit that can bypass multi-factor authentication along with other tools that compromised more than 8,000 Microsoft 365 corporate accounts.
The Hacker News
9 Alarming Vulnerabilities Uncovered in SEL's Power Management Products
9 new vulnerabilities exposed in Schweitzer Engineering Laboratories' power management products. Learn how attackers could exploit these flaws.
Infosecurity News
Experts Uncover Underground Phishing “Empire” W3LL
Secretive group targets specifically Microsoft 365 accounts
The Hacker News
W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts
A hidden "phishing empire" dubbed W3LL Store has compromised 8,000+ Microsoft 365 business email accounts!
Ars Technica
4 Okta customers hit by campaign that gave attackers super admin control
Attackers already had credentials. Now, they just needed to bypass 2FA protections.
The Hacker News
Way Too Vulnerable: Join this Webinar to Understand and Strengthen Identity Attack Surface
In the world of cyber threats, is your organization truly secure? Find out how to defend against identity attacks and strengthen your defenses.
The Hacker News
Key Cybersecurity Tools That Can Mitigate the Cost of a Breach
Data breaches are getting more expensive! IBM's 2023 "Cost of a Breach" report reveals breach costs increased by 15% to $4.45 million.
SecurityWeek
Okta Says US Customers Targeted in Sophisticated Attacks
Okta says US-based customers have been targeted in social engineering attacks whose goal was to disable MFA and obtain high privileges.
Infosecurity News
Medical Data Breach: Ayush Jharkhand Hacked
According to CloudSEK, the leaked database contains over 320,000 patient records
Bleeping Computer
Okta: Hackers target IT help desks to gain Super Admin, disable MFA
Identity and access management company Okta released a warning about social engineering attacks targeting IT service desk agents at U.S.-based customers in an attempt to trick them into resetting multi-factor authentication (MFA) for high-privileged users.
The Hacker News
Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus
Hackers are now using a sneaky "MalDoc in PDF" technique to hide malicious Word files within PDFs.
Cyber Security News
Threat and Vulnerability Roundup for the week of August 27th to September 2nd
The latest attack techniques, significant weaknesses, and exploits have all been highlighted. We also provide the most latest software upgrades available to keep your devices secure.
The Hacker News
Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges
Beware! Okta warns of social engineering attacks aimed at admin credentials. Threat actors are manipulating multi-factor authentication settings.
The Hacker News
It's a Zero-day? It's Malware? No! It's Username and Password
Worried about cyber threats? The surprising power of stolen usernames and passwords can compromise your security. Learn how to protect your data with
Cyber Security News
No Coding, No Compromise: A Breach Prevention SaaS Security Guide - 2023
No-code SaaS Security is the set of security protocols and measures used to protect apps and data in Software as a Service (SaaS).
Cyber Security News
Hackers Launch Brute-Force Attack Cisco ASA SSL VPNs
Cisco ASA SSL VPN Appliances is a type of network security device that allows remote users to access a private network over the internet securely.
Bleeping Computer
Hacking campaign bruteforces Cisco VPNs to breach networks
Hackers are targeting Cisco Adaptive Security Appliance (ASA) SSL VPNs in credential stuffing and brute-force attacks that take advantage of lapses in security defenses, such as not enforcing multi-factor authentication (MFA).
The Hacker News
Alert: Juniper Firewalls, Openfire, and Apache RocketMQ Under Attack from New Exploits
Juniper firewalls, Openfire, and Apache RocketMQ servers are being actively targeted by cybercriminals.
SecurityWeek
The Reality of Cyberinsurance in 2023
The cyberinsurance industry is maturing. In its early days, it simply accepted cyber risk with few questions asked. It lost money.
Infosecurity News
Microsoft Warns of Adversary-in-the-Middle Uptick on Phishing Platform
Existing phishing-as-a-service platforms are increasingly incorporating adversary-in-the-middle capabilities
The Hacker News
Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks
Microsoft warns about a surge in AiTM phishing attacks. Hackers are using smart phishing-as-a-service (PhaaS) platforms to scale up their campaigns an
Cyber Security News
Top 10 Best Practices for Cybersecurity Professionals to Securing Your Database
In today’s digital landscape, databases are the fortresses where an organization’s most valuable data assets are stored and managed.
The Hacker News
LockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New Variants
The leak of LockBit 3.0 ransomware builder has led to the emergence of various new cyber threats: Bl00dy, Buhti, and NATIONAL HAZARD AGENCY.
The Hacker News
Kroll Suffers Data Breach: Employee Falls Victim to SIM Swapping Attack
Kroll reveals an employee's T-Mobile account was compromised due to a sophisticated SIM swap attack.
Bleeping Computer
Microsoft: Stealthy Flax Typhoon hackers use LOLBins to evade detection
Microsoft has identified a new hacking group it now tracks as Flax Typhoon that argets government agencies and education, critical manufacturing, and information technology organizations likely for espionage purposes.
Bleeping Computer
Kroll data breach exposes info of FTX, BlockFi, Genesis creditors
Multiple reports on social media warn of a data breach at financial and risk advisory company Kroll that resulted in exposing to an unauthorized third-party the personal data of some credit claimants.
Cyber Security News
Flax Typhoon Group Abusing Built-in Operating System Tools to Deploy Malware
Recently, cybersecurity analysts at Microsoft have linked this campaign to 'Flax Typhoon,' a Chinese nation-state actor that has links with 'ETHEREAL PANDA.'
The Hacker News
Two LAPSUS$ Hackers Convicted in London Court for High-Profile Tech Firm Hacks
Remember the hacks on Uber, Revolut, & Rockstar Games? Two UK teenagers, part of the infamous LAPSUS$ gang, convicted for high-profile hacks.