"Okta Says Hackers Stole Data For All Customer Support Users in Cyber Breach"

Okta recently revealed that hackers stole information on all users of its customer support system in a network breach two months ago.  The company notified customers that it had determined hackers had downloaded a report containing data, including names and email addresses of all clients who use its customer support system.  Okta's shares slumped in October after the company said that the breach allowed some hackers to view files uploaded by certain clients.  Okta provides identity services such as single sign-on and multi-factor authentication.  
 

Submitted by Adam Ekwall on

"Google Patches Seventh Chrome Zero-Day of 2023"

Google recently announced a security update that addresses a zero-day vulnerability in the Chrome browser.  The high-severity issue tracked as CVE-2023-6345 is described as an integer overflow bug in Skia, the open-source 2D graphics library that serves as the graphics engine in Chrome, Firefox, and other browsers.  Google stated that it is aware that an exploit for CVE-2023-6345 exists in the wild.

Submitted by Adam Ekwall on

"AI Boosts Malware Detection Rates by 70%"

Threat intelligence-sharing platform VirusTotal has recently unveiled new research showing how cyber defenders can use AI to enhance malware analysis.  VirusTotal found that AI is extremely effective in analyzing malicious code, identifying 70% more malicious scripts than traditional techniques alone.  VirusTotal also observed that AI was up to 300% more accurate than traditional techniques at detecting attempts by malicious scripts to target a device with a common vulnerability or exploit.

Submitted by Adam Ekwall on

"Four Papers by CSE Researchers Appearing at CCS 2023"

Researchers from the University of Michigan's Computer Science and Engineering (CSE) division are presenting papers at the Association for Computing Machinery Special Interest Group on Security, Audit and Control's (SIGSAC's) Conference on Computer and Communications Security (ACM CCS). The conference gathers experts and practitioners to share their latest ideas, innovations, and findings.

Submitted by Gregory Rigby on

"CyLab Faculty, Students to Present at ACM CCS 2023"

Carnegie Mellon faculty and students are presenting on various topics at the Association for Computing Machinery Special Interest Group on Security, Audit and Control's (SIGSAC's) Conference on Computer and Communications Security (ACM CCS). The conference brings together information security researchers, practitioners, developers, and users worldwide to discuss novel ideas and findings.

Submitted by Gregory Rigby on

"Los Angeles SIM Swapper Sentenced to 8 Years in Prison"

Amir Hossein Golshan, 25, of Los Angeles, was recently sentenced to 96 months in prison for perpetrating multiple cybercrime schemes, including one involving SIM swapping.  Between April 2019 and February 2023, Golshan caused roughly $740,000 in losses to hundreds of victims as a result of various online scams and unauthorized access to digital accounts.  According to the Department of Justice (DoJ), Golshan took over victims’ social media accounts, impersonated Apple support, and engaged in Zelle payment fraud schemes.

Submitted by Adam Ekwall on

"Hackers Can Exploit 'Forced Authentication' to Steal Windows NTLM Tokens"

Researchers have discovered a case of "forced authentication" that threat actors could exploit to leak a Windows user's NT LAN Manager (NTLM) tokens by tricking the victim into opening a specially crafted Microsoft Access file. The attack exploits a legitimate feature of the database management system solution that enables users to link to external data sources such as a remote SQL Server table. NTLM, a challenge-response authentication protocol introduced by Microsoft in 1993, is used to authenticate users during sign-in.

Submitted by Gregory Rigby on

"SMBs Face Surge in 'Malware-Free' Attacks"

According to the inaugural SMB Threat Report by Huntress, a company that provides a security platform and services to small and midsize businesses (SMBs) and Managed Service Providers (MSPs), the most prominent threats SMBs faced in the third quarter of 2023 were malware-free attacks, attackers' increased reliance on legitimate tools and scripting frameworks, and Business Email Compromise (BEC) scams.

Submitted by Gregory Rigby on

"Hackers Start Exploiting Critical ownCloud Flaw, Patch Now"

Hackers are targeting CVE-2023-49103, a critical ownCloud vulnerability that exposes admin passwords, mail server credentials, and license keys in containerized deployments. The ownCloud product is a popular open-source file synchronization and sharing solution for those who want to manage and share data through a self-hosted platform. On November 21, the developers of the software released security bulletins for three vulnerabilities that could lead to data breaches and suggested that ownCloud administrators implement the recommended mitigations.

Submitted by Gregory Rigby on

"Police Dismantle Major Ukrainian Ransomware Operation"

Law enforcement agencies in seven countries recently teamed up with Europol and Eurojust to dismantle a major Ukraine-based ransomware operation.  According to Europol, 30 properties were searched on November 21 in four regions of Ukraine, resulting in the arrest of a 32-year-old who is allegedly the operation’s ringleader, as well as four key accomplices.  This law enforcement activity is part of an operation that resulted in the arrests of a dozen individuals back in 2021.  Europol noted that the cybercrime operation targeted thousands of entities across 71 countries.

Submitted by Adam Ekwall on