November 2, 2023 at 11:19AM Boeing is investigating a cyberattack on its parts and distribution business by the LockBit ransomware gang. The incident did not affect flight safety, and the company is collaborating with law enforcement for an ongoing investigation. The Boeing services website is currently down due to technical issues. The ransomware gang claimed … Read more
November 1, 2023 at 10:54AM LayerX has developed a secure browser extension to address the various risks and vulnerabilities associated with browsers in modern enterprises. The extension offers comprehensive visibility, continuous monitoring, and granular policy enforcement within the browsing session. It can detect and mitigate risks such as data leakage, malicious browser extensions, and unauthorized … Read more
October 28, 2023 at 02:18PM The Clark County School District (CCSD) in Nevada is dealing with a potentially massive data breach. Hackers gained access to the district’s email servers and allegedly stole personal information related to students, parents, and employees. CCSD disabled external access to its Google Workspace and reset all student passwords. The hackers, … Read more
October 26, 2023 at 06:56PM Octo Tempest, a native English-speaking threat actor tracked by Microsoft, has evolved from selling SIM swaps and stealing cryptocurrency accounts to conducting data extortion and ransomware attacks. The group targets companies in various sectors and has partnered with the ALPHV/BlackCat ransomware group. They employ advanced social engineering techniques, physical threats, … Read more
October 26, 2023 at 10:56AM StripedFly is a sophisticated cross-platform malware that infected over a million Windows and Linux systems for five years. Kaspersky discovered it in 2022 and found evidence of its activity since 2017. The malware features TOR-based traffic concealing mechanisms, automated updating, worm-like spreading, and an exploit created before it was publicly … Read more
October 24, 2023 at 05:10PM Cybersecurity Awareness Month celebrates its 20th anniversary by promoting the importance of cybersecurity education. The initiative, which began in the US and has now become a global movement, encourages proactive measures and knowledge-sharing to address human risk, which accounts for over 80% of cybersecurity incidents. Microsoft recommends focusing on enabling … Read more
October 24, 2023 at 11:21AM 1Password has confirmed that it was attacked by cyber criminals following a breach of Okta’s customer support portal. The attack was detected on September 29 and the company’s incident response team quickly engaged, finding a suspicious IP address and unauthorized access to the Okta instance. While no user data or … Read more
October 24, 2023 at 01:51AM Password management solution 1Password had a breach of its Okta instance, but no user data was accessed. The breach involved a threat actor attempting to access an IT team member’s user dashboard and manipulate authentication flows. Measures have been taken to enhance security, including tighter MFA rules and reducing the … Read more
October 23, 2023 at 04:12PM Casio, the Japanese electronics maker, announced a data breach that exposed the personal information of customers in 150 countries. The breach occurred in the development environment for ClassPad.net, an education web application managed by Casio. The company attributed the breach to an operational error and insufficient security measures. The compromised … Read more
October 20, 2023 at 02:48PM Attackers breached Okta’s support management system using stolen credentials, gaining access to files containing cookies and session tokens uploaded by customers. The incident did not impact the production Okta service or the Auth0/CIC case management system. Okta notified affected customers and advised all customers to sanitize their HAR files to … Read more