October 25, 2023 at 04:37AM Hunters International, a newly emerged ransomware gang, claims to have accessed a US plastic surgeon’s clinic and leaked patients’ pre-operation pictures in an attempt to speed up a ransom payment. The group has claimed attacks on only two victims so far. Security experts have linked Hunters International to the shuttered … Read more
October 24, 2023 at 04:19PM Password manager 1Password is the second victim of Okta’s recent customer support breach. Okta, a cloud-based identity and access management service, suffered a cyberattack that compromised access to customer support systems, allowing the attacker to infiltrate some customers, including 1Password. Fortunately, no user or employee data was compromised. Okta has … Read more
October 20, 2023 at 06:17PM Cisco has disclosed two high-severity zero-day vulnerabilities, CVE-2023-20198 and CVE-2023-20273, being actively exploited to compromise Cisco IOS XE devices. The company has found fixes for both vulnerabilities and plans to release them on October 22. Over 40,000 devices have already been compromised. System administrators are urged to disable the vulnerable … Read more
October 20, 2023 at 04:12PM Cisco is set to release a patch on October 22 for two zero-day vulnerabilities in its IOS XE devices. One vulnerability, discovered earlier, had already been exploited to compromise over 10,000 devices. A second flaw, identified later, is being used in the same exploit chain. Exploitation is expected to continue … Read more
October 19, 2023 at 08:42AM Australian cybersecurity startup, CipherStash, has raised $3 million in a seed funding round led by Skip Capital. The company uses queryable encryption technology to protect data, offering tighter access controls and tracking capabilities. CipherStash’s solution integrates with various programming languages and databases. The funding will support the expansion of their … Read more
October 18, 2023 at 04:46PM Cybercriminals are targeting plastic surgery offices, stealing medical records and using them to extort doctors and patients. The trend is not limited to the US, as plastic surgeons in Brazil and the UK have also been affected. The FBI has warned about these attacks and provided security tips for patients, … Read more
October 18, 2023 at 02:02PM The EPA has withdrawn its rules requiring cybersecurity assessments for water utilities due to legal challenges. Experts warn that this leaves the water sector vulnerable to cyberattacks, which could have serious public health and safety consequences. The EPA is now encouraging utilities to voluntarily conduct risk assessments and provide user … Read more
October 18, 2023 at 09:31AM The recent attacks by Hamas on Israel have had a significant impact on cybersecurity companies operating in Israel and those with ties to the country. Many Israeli-based firms are experiencing a reduction in manpower as reservists are called up for duty. There has also been an increase in cyberattacks against … Read more
October 16, 2023 at 03:07AM Zero trust, a security concept, is crucial for protecting cloud environments due to the increasing prevalence of data breaches and cyberattacks. Traditional security models that rely on securing the network perimeter are ineffective in cloud environments where data is dispersed and accessed from anywhere. Zero trust emphasizes continuous verification, least … Read more
October 13, 2023 at 12:50PM Microsoft has announced that the NTLM authentication protocol will be phased out in Windows 11. Kerberos has replaced NTLM as the default authentication protocol since Windows 2000. Despite being used in older versions, NTLM is still vulnerable to attacks such as relay attacks and pass-the-hash attacks. Microsoft is working on … Read more