Ransomware activity in September reached unprecedented levels following a relative lull in August that was still way above regular standards for summer months. […]
Backdoor Implant on Hacked Cisco Devices Modified to Evade Detection
The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified by the threat actor so as to escape visibility via previous fingerprinting methods.
“Investigated network traffic to a compromised device has shown that the threat actor has upgraded the implant to do an extra header check,” NCC Group’s Fox-IT team said. “Thus, for a lot of devices
1Password Detects Suspicious Activity Following Okta Support Breach
Popular password management solution 1Password said it detected suspicious activity on its Okta instance on September 29 following the support system breach, but reiterated that no user data was accessed.
“We immediately terminated the activity, investigated, and found no compromise of user data or other sensitive systems, either employee-facing or user-facing,” Pedro Canahuati, 1Password CTO,
1Password discloses security incident linked to Okta breach
1Password, a popular password management platform used by over 100,000 businesses, suffered a security breach after hackers gained access to its Okta ID management tenant. […]
University of Michigan employee, student data stolen in cyberattack
The University of Michigan says in a statement today that it suffered a data breach after hackers broke into its network in August and accessed systems with information belonging to students, applicants, alumni, donors, employees, patients, and research study participants. […]
Palestine crypto donation scams emerge amid Israel-Hamas war
As thousands of civilians die amid the deadly Israel-Hamas war, scammers are capitalizing on the horrific events to collect donations by pretending to be legitimate charities. BleepingComputer has come across several posts on X (formerly Twitter), Telegram and Instagram where scammers list dubious cryptocurrency wallet addresses. […]
Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately
Citrix warned admins today to secure all NetScaler ADC and Gateway appliances immediately against ongoing attacks exploiting the CVE-2023-4966 vulnerability. […]
US energy firm shares how Akira ransomware hacked its systems
In a rare display of transparency, US energy services firm BHI Energy details how the Akira ransomware operation breached their networks and stole the data during the attack. […]
Spain arrests 34 cybercriminals who stole data of 4 million people
The Spanish National Police have dismantled a cybercriminal organization that carried out a variety of computer scams to steal and monetize the data of over four million people. […]
Cisco patches IOS XE zero-days used to hack over 50,000 devices
Cisco has addressed the two vulnerabilities (CVE-2023-20198 and CVE-2023-20273) that hackers exploited to compromise tens of thousands of IOS XE devices over the past week. […]
