Recent Security News
-
Okta: October data breach affects all customer support system users
November 29, 2023 at 08:32AM Okta’s customer support system was breached, affecting all support system users and exposing names, emails, and other details. Less than 1% of customers had session tokens stolen. Okta advises all users, especially unsecured admins, to implement multi-factor authentication and increase vigilance against phishing. No credentials were exposed. Previous attacks included…
-
Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S.
November 29, 2023 at 08:12AM CISA is tackling a cyber attack on Pennsylvania’s Municipal Water Authority by the Iranian-affiliated Cyber Av3ngers, who exploited Unitronics PLCs. The water facility is now manual with no drinking water risk. CISA advises strengthened cybersecurity, while Cyber Av3ngers continues targeting critical infrastructure. Meeting Takeaways: Cyber Attack on Municipal Water Authority…
-
British Library begins contacting customers as Rhysida leaks data dump
November 29, 2023 at 07:38AM The Rhysida ransomware group has released data purportedly stolen from the British Library, totaling 573GB. The library confirmed the breach, urging password changes. Services are disrupted, with recovery expected to take months. Rhysida initially auctioned the data for 20 Bitcoin, and experts stress the seriousness of such cyberattacks and their…
-
UK government rings the death knell for SIM farms
November 29, 2023 at 06:05AM The UK government is set to ban SIM farms, with unlimited fines for offenders, to combat cyber fraud. These devices, permitting mass messaging with minimal identity checks, hinder law enforcement efforts. The ban is part of a broader fraud strategy, with exemptions for legitimate uses and provisions to add future…
-
200+ Malicious Apps on Iranian Android Store Installed by Millions of Banking Users
November 29, 2023 at 05:36AM An expanded Android malware campaign aimed at Iranian banks now utilizes new evasion techniques and phishing tactics, with over 200 malicious apps identified. The malware seeks extensive permissions and steals credentials, leveraging Android accessibility services. Upgrades include SMS interception and resisting uninstallation, with infected apps receiving updates from GitHub and…