A new sophisticated threat tracked as ‘TetrisPhantom’ has been using compromised secure USB drives to target government systems in the Asia-Pacific region. […]
Microsoft announces Security Copilot early access program
Microsoft announced this week that its ChatGPT-like Security Copilot AI assistant is now available in early access for some customers. […]
American Family Insurance confirms cyberattack is behind IT outages
Insurance giant American Family Insurance has confirmed it suffered a cyberattack and shut down portions of its IT systems after customers reported website outages all week. […]
The Week in Ransomware – October 20th 2023 – Fighting Back
This was a bad week for ransomware, with the Trigona ransomware suffering a data breach and law enforcement disrupting the RagnarLocker ransomware operation. […]
International Criminal Court systems breached for cyber espionage
The International Criminal Court provided additional information about the cyberattack five weeks ago, saying that it was a targeted operation for espionage purposes. […]
Cisco discloses new IOS XE zero-day exploited to deploy malware implant
Cisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week. […]
Okta says its support system was breached using stolen credentials
Okta says attackers accessed files containing cookies and session tokens uploaded by customers to its support management system after breaching it using stolen credentials. […]
Europol Dismantles Ragnar Locker Ransomware Infrastructure, Nabs Key Developer
Europol on Friday announced the takedown of the infrastructure associated with Ragnar Locker ransomware, alongside the arrest of a “key target” in France.
“In an action carried out between 16 and 20 October, searches were conducted in Czechia, Spain, and Latvia,” the agency said. “The main perpetrator, suspected of being a developer of the Ragnar group, has been brought in front of the examining
“In an action carried out between 16 and 20 October, searches were conducted in Czechia, Spain, and Latvia,” the agency said. “The main perpetrator, suspected of being a developer of the Ragnar group, has been brought in front of the examining
Okta’s Support System Breach Exposes Customer Data to Unidentified Threat Actors
Identity services provider Okta on Friday disclosed a new security incident that allowed unidentified threat actors to leverage stolen credentials to access its support case management system.
“The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases,” David Bradbury, Okta’s chief security officer, said. “It should be noted that the Okta
Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices
Cisco has warned of a new zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor to deploy a malicious Lua-based implant on susceptible devices.
Tracked as CVE-2023-20273 (CVSS score: 7.2), the issue relates to a privilege escalation flaw in the web UI feature and is said to have been used alongside CVE-2023-20198 (CVSS score: 10.0) as part of an exploit chain.
“The
Tracked as CVE-2023-20273 (CVSS score: 7.2), the issue relates to a privilege escalation flaw in the web UI feature and is said to have been used alongside CVE-2023-20198 (CVSS score: 10.0) as part of an exploit chain.
“The