This Cybersecurity Awareness Month, Don’t Lose Sight of Human Risk

October 24, 2023 at 05:10PM Cybersecurity Awareness Month celebrates its 20th anniversary by promoting the importance of cybersecurity education. The initiative, which began in the US and has now become a global movement, encourages proactive measures and knowledge-sharing to address human risk, which accounts for over 80% of cybersecurity incidents. Microsoft recommends focusing on enabling … Read more

1Password confirms attacker tried to pull list of admin users after Okta intrusion

October 24, 2023 at 11:21AM 1Password has confirmed that it was attacked by cyber criminals following a breach of Okta’s customer support portal. The attack was detected on September 29 and the company’s incident response team quickly engaged, finding a suspicious IP address and unauthorized access to the Okta instance. While no user data or … Read more

1Password Detects Suspicious Activity Following Okta Support Breach

October 24, 2023 at 01:51AM Password management solution 1Password had a breach of its Okta instance, but no user data was accessed. The breach involved a threat actor attempting to access an IT team member’s user dashboard and manipulate authentication flows. Measures have been taken to enhance security, including tighter MFA rules and reducing the … Read more

Casio Says Personal Information Accessed in Web Application Server Hack

October 23, 2023 at 04:12PM Casio, the Japanese electronics maker, announced a data breach that exposed the personal information of customers in 150 countries. The breach occurred in the development environment for ClassPad.net, an education web application managed by Casio. The company attributed the breach to an operational error and insufficient security measures. The compromised … Read more

Okta says its support system was breached using stolen credentials

October 20, 2023 at 02:48PM Attackers breached Okta’s support management system using stolen credentials, gaining access to files containing cookies and session tokens uploaded by customers. The incident did not impact the production Okta service or the Auth0/CIC case management system. Okta notified affected customers and advised all customers to sanitize their HAR files to … Read more

Europol knocks RagnarLocker offline in second major ransomware bust this year

October 19, 2023 at 12:34PM Law enforcement agencies, including Europol’s European Cybercrime Centre, the FBI, and Germany’s Bundeskriminalamt, have taken control of RagnarLocker ransomware group’s leak site in a coordinated effort. The takedown is part of a broader campaign to dismantle ransomware groups. RagnarLocker is known for targeting critical infrastructure and using a double extortion … Read more

FBI: Hackers Are Extorting Plastic Surgery Providers, Patients

October 18, 2023 at 04:46PM Cybercriminals are targeting plastic surgery offices, stealing medical records and using them to extort doctors and patients. The trend is not limited to the US, as plastic surgeons in Brazil and the UK have also been affected. The FBI has warned about these attacks and provided security tips for patients, … Read more

Over 10,000 Cisco devices hacked in IOS XE zero-day attacks

October 17, 2023 at 04:49PM More than 10,000 Cisco IOS XE devices have been compromised and infected with malicious implants through a zero-day bug. The vulnerability has been exploited in attacks on devices running Cisco IOS XE software with the Web User Interface feature and HTTP/HTTPS Server feature enabled. Security company VulnCheck has released a … Read more

AI algorithm detects MitM attacks on unmanned military vehicles

October 15, 2023 at 01:53PM Researchers at the University of South Australia and Charles Sturt University have developed an algorithm using machine learning to detect man-in-the-middle (MitM) attacks on unmanned military robots. The algorithm, tested on a replica of the GVR-BOT used by the U.S. Army, achieved a 99% success rate in preventing attacks. The … Read more