FBI: Ransomware gangs hack casinos via 3rd party gaming vendors

November 8, 2023 at 11:51AM The FBI warns that ransomware threat actors are targeting casinos by exploiting vulnerabilities in vendor-controlled remote access and using legitimate system management tools. Small and tribal casinos have been targeted, with the Silent Ransom Group and Luna Moth carrying out phishing, data theft, and extortion attacks. The FBI advises implementing …

Okta Customer Support Breach Exposed Data on 134 Companies

November 3, 2023 at 03:42PM Threat actors breached Okta’s customer support system, stealing files related to 134 customers. Five specific customers, including BeyondTrust, 1Password, and Cloudflare, were targeted with the stolen data. The breach was due to compromised employee credentials on a personal device. Okta has revoked the affected session tokens and implemented measures to …

Hackers exploit recent F5 BIG-IP flaws in stealthy attacks

November 1, 2023 at 10:54AM F5 is warning administrators of their BIG-IP devices about skilled hackers exploiting recently disclosed vulnerabilities. These hackers erase signs of their access and achieve stealthy code execution. Two critical vulnerabilities were identified, and F5 has urged admins to apply available security updates. The vulnerabilities allow for authentication bypass and SQL …

DPI: Still Effective for the Modern SOC?

November 1, 2023 at 08:49AM The ongoing debate about the effectiveness of deep packet inspection (DPI) in the security industry has intensified as networks become more dispersed. Recent research shows that deploying solutions for network visibility is increasingly challenging due to multi-cloud approaches and the adoption of Zero Trust models. Although DPI is not dead, …

Zero Day Threat Protection for Your Network

October 31, 2023 at 07:41PM Trend Micro offers zero day threat protection for networks by leveraging global research and artificial intelligence. Zero day threats are security vulnerabilities that haven’t been patched by the vendor community. These threats can cause significant damage, such as ransomware attacks, and organizations should take proactive measures to detect and remediate …

Exploit released for critical Cisco IOS XE flaw, many hosts still hacked

October 30, 2023 at 11:15PM Public exploit code for the critical Cisco IOS XE vulnerability (CVE-2023-20198) is now available, which has been used to hack tens of thousands of devices. Cisco has released patches for most IOS XE software releases, but internet scans show that thousands of systems are still compromised. Researchers have provided details …

F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP

October 27, 2023 at 10:43AM F5 has issued a warning to customers about a critical vulnerability in its BIG-IP product. The vulnerability, tracked as CVE-2023-46747, allows an unauthenticated attacker to remotely execute arbitrary code. The flaw is closely related to a request smuggling issue in the Apache HTTP Server and can be exploited to gain …

Lumen Q3 DDoS Report: Banking Was the Most Targeted Industry for the First Time

October 26, 2023 at 06:18PM New data from Lumen Technologies reveals that the banking industry was the most targeted vertical for Distributed Denial of Service (DDoS) attacks in Q3 2023. A single banking customer experienced over 230 DDoS attacks in a single day, but Lumen’s multi-layered DDoS mitigation approach prevented any downtime. The report also …

Critical Flaw in NextGen’s Mirth Connect Could Expose Healthcare Data

October 26, 2023 at 04:48AM Users of Mirth Connect, an open-source data integration platform, are urged to update to version 4.4.1 due to the discovery of an unauthenticated remote code execution vulnerability (CVE-2023-43208). Horizon3.ai warns that attackers may exploit this vulnerability to gain access to sensitive healthcare data. The flaw affects various versions of Mirth …

BHI Energy Releases Details of Akira Ransomware Attack

October 25, 2023 at 08:03PM Westinghouse subsidiary BHI Energy confirmed experiencing an Akira ransomware attack in June. The threat actor gained access through a compromised account of a third-party contractor. They performed network reconnaissance before exfiltrating 690GB of data and deploying the ransomware. The threat actor was removed in July and BHI was able to …