Okta Broadens Scope of Data Breach: All Customer Support Users Affected

November 29, 2023 at 10:54AM
Hackers accessed Okta’s support system and obtained names and email addresses of all customer support users, broadening the scope of the October breach. Initially thought to affect only 134 customers, the intrusion actually compromised data from all Okta WIC and CIS customers, except those in high-security government environments. No sensitive …

Researchers Claim Design Flaw in Google Workspace Puts Organizations at Risk

November 28, 2023 at 10:12AM
Google is disputing a security vendor’s report on a design weakness in Google Workspace that allegedly exposes users to data theft and other security issues. According to Hunters Security, a flaw in Google Workspace’s domain-wide delegation feature allows attackers to steal email, exfiltrate data, and perform unauthorized actions. Google denies …

Leveraging Wazuh to combat insider threats

November 27, 2023 at 10:04AM
Insider threats refer to the risk of authorized individuals with access to an organization’s systems or sensitive information exploiting that access in malicious ways, such as data theft, sabotage, unauthorized access, or introducing malware. Detecting and preventing such threats can be challenging because perpetrators often have legitimate credentials. Effective strategies …

North Korean Software Supply Chain Attack Hits North America, Asia

November 24, 2023 at 07:36AM
A Taiwanese software company was breached by a North Korean threat group known as Diamond Sleet. The hackers manipulated a legitimate application installer to download and execute a malicious payload. Microsoft has detected their activity and provided indicators of compromise for detection. The threat actor is known for data theft …

Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years

November 20, 2023 at 02:00AM
Appin Software Security, an Indian hack-for-hire group, has been conducting espionage, surveillance, and disruptive operations targeting various countries for over a decade. The group, initially an educational startup, has been involved in covert hacking operations since at least 2009. They have targeted high-value individuals, governmental organizations, and businesses involved in …

The Week in Ransomware – November 17th 2023 – Citrix in the Crosshairs

November 17, 2023 at 06:29PM
Ransomware gangs are targeting vulnerable Citrix Netscaler devices using a publicly available exploit to breach large organizations, steal data, and encrypt files. The threat actors exploit the Citrix Bleed vulnerability (CVE-2023-4966). Many recent victims, including Toyota Financial Services, ICBC, DP World, Allen & Overy, and Boeing, were found to have …

Shadowy Hack-for-Hire Group Behind Sprawling Web of Global Cyberattacks

November 17, 2023 at 02:23PM
An investigation by a security vendor has confirmed previous reports linking an Indian hack-for-hire group, called Appin, to cyber espionage and surveillance activities. The group, which no longer exists under its original name, targeted businesses, executives, politicians, and government officials around the world. The investigation found evidence of data theft, …

U.S. Cybersecurity Agencies Warn of Scattered Spider’s Gen Z Cybercrime Ecosystem

November 17, 2023 at 02:54AM
U.S. cybersecurity and intelligence agencies have issued a joint advisory about a cybercriminal group called Scattered Spider, known for using sophisticated phishing tactics. The group engages in data theft for extortion and has recently used BlackCat/ALPHV ransomware. Scattered Spider relies on social engineering techniques and has connections to the Gen …

Ransomware Group Files SEC Complaint Over Victim’s Failure to Disclose Data Breach

November 16, 2023 at 07:33AM
The ransomware group Alphv (also known as BlackCat) has allegedly breached the systems of MeridianLink, a California-based company, and claims to have stolen customer data and operational information. They have filed a complaint with the US Securities and Exchange Commission (SEC) accusing MeridianLink of failing to disclose the breach within the required …

Australian Ports Resume Operation After Crippling Cyber Disruption

November 13, 2023 at 04:35PM
Four major ports in Australia, operated by DP World, experienced a cyber attack that caused disruptions over the weekend. The company is responsible for 40% of freight in and out of the country. The exact nature of the attack is still unknown, but some experts speculate it may involve ransomware. …