Customers of Okta, an Identity and Access Management (IAM) company, log in using One-Time Passwords (OTPs) sent via SMS. Okta's clients can use temporary codes sent via SMS via Twilio as one of several methods of service authentication. The threat actor…

Ethereum is offering a reward of up to $1 million to anyone who discovers merge-related critical vulnerabilities on its blockchain. The reward will be increased fourfold. A "merge" is an upgrade to a network. The process, which is expected to be…

Galois, a firm specializing in the research and development of new technologies, has recently open-sourced a suite of tools for identifying vulnerabilities in C and C++ code.  Dubbed MATE, the tools are the result of a collaborative effort supported…

The Association for Uncrewed Vehicle Systems International (AUVSI) and Fortress Information Security (Fortress) have launched an industry-wide collaboration to create an enterprise cybersecurity model and a set of voluntary standards to address cyber…

The Federal Communications Commission (FCC) recently found that the top 15 mobile carriers collect geolocation data and provide no way for consumers to opt out.  AT&T, Best Buy Health, Charter, Comcast, Consumer Cellular, C-Spire, DISH Network,…

Security researchers at Acronis found that nearly half of breaches during the first six months of 2022 involved stolen credentials.  The researchers noted that the prime goal for cybercriminals is to use these credentials to launch ransomware…

According to security researchers with Palo Alto Networks' Unit 42 threat intelligence team, the Black Basta Ransomware-as-a-Service (RaaS) group has compromised more than 75 organizations in recent months. The RaaS group has been found to employ the…

Critical Insight recently released its H1 2022 Healthcare Data Breach Report, which analyzes ​​breach data reported to the United States Department of Health and Human Services by healthcare organizations.  The healthcare industry continued to be a…

NATO is investigating the leak of data allegedly stolen from a European missile systems firm and sold on the Dark Web by hackers. The leaked data includes weapon blueprints used by Ukraine in its current conflict with Russia. MBDA Missile Systems, a…

Security researchers at Resecurity, a California-based cybersecurity company, have identified leaked PII stolen from Thailand’s Department of Medical Sciences containing information about citizens with COVID-19 symptoms.  The incident was uncovered…

Montenegro’s security agency recently warned that on Friday, hackers from Russia launched a massive, coordinated cyberattack against the small nation’s government and its services.  The Agency for National Security, or ANB, said Montenegro is “under…

Australia released its federal budget for 2022-2023 earlier this year, demonstrating a strong commitment to cybersecurity. The Australian Signals Directorate (ASD) will allocate and spend the AU$9.9 billion ($6.8 billion) investment over the next ten…