October 28, 2023 at 04:18AM New findings reveal a covert attempt to intercept traffic from the instant messaging service jabber[.]ru, using servers in Germany. The attacker used Let’s Encrypt TLS certificates to hijack encrypted connections. The wiretapping is estimated to have lasted for six months, from April to October 2023. The investigation suggests a case … Read more
October 26, 2023 at 04:48AM The Iranian threat actor Tortoiseshell is responsible for a new series of watering hole attacks. They use a malware called IMAPLoader, which acts as a downloader for additional payloads. The attacks target various sectors, including maritime, shipping, logistics, and nuclear industries. Tortoiseshell has a history of strategic website compromises and … Read more
October 21, 2023 at 05:09AM Identity services provider Okta disclosed a security incident where threat actors used stolen credentials to access its support case management system. Okta confirmed that customer data in the support system was compromised, but its production Okta service was not affected. The breach has also impacted customers Cloudflare and BeyondTrust. This … Read more