Getty Images reader comments 25 with Identity and authentication management provider Okta has been hit by another breach, this one against a third-party vendor that allowed hackers to steal personal information for 5,000 Okta employees. The compromise was carried out in late September against Rightway Healthcare, a service Okta uses to support employees and their… Read More »
Enlarge / This is not what a hacker looks like. Except on hacker cosplay night. reader comments 4 with Microsoft has been tracking a threat group that stands out for its ability to cash in from data theft hacks that use broad social engineering attacks, painstaking research, and occasional physical threats. Unlike many ransomware attack… Read More »
reader comments 8 with Identity and authentication management provider Okta said hackers managed to view private customer information after gaining access to credentials to its customer support management system. “The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases,” Okta Chief Security Officer David Bradbury said… Read More »
Wired staff; Getty Images reader comments 46 with For state-sponsored hacking operations, unpatched vulnerabilities are valuable ammunition. Intelligence agencies and militaries seize on hackable bugs when they’re revealed—exploiting them to carry out their campaigns of espionage or cyberwar—or spend millions to dig up new ones or to buy them in secret from the hacker gray… Read More »
Getty Images reader comments 9 with An unknown hacker gained administrative control of Sourcegraph, an AI-driven service used by developers at Uber, Reddit, Dropbox, and other companies, and used it to provide free access to resources that normally would have required payment. In the process, the hacker(s) may have accessed personal information belonging to Sourcegraph… Read More »
reader comments 31 with In late May, researchers drove out a team of China state hackers who over the previous seven months had exploited a critical vulnerability that gave them backdoors into the networks of a who’s who of sensitive organizations. Barracuda, the security vendor whose Email Security Gateway was being exploited, had deployed a… Read More »
Enlarge / Viktor Zhora from Ukraine’s information protection service, says cyber has become a major component of hybrid warfare. Dragonflypd.com/Black Hat reader comments 21 with Viktor Zhora, the public face of Ukraine’s success against Russian cyberattacks, received a hero’s welcome earlier this month on stage at Black Hat, the world’s biggest cybersecurity gathering, in Las… Read More »
reader comments 17 with Travel rewards programs like those offered by airlines and hotels tout the specific perks of joining their club over others. Under the hood, though, the digital infrastructure for many of these programs—including Delta SkyMiles, United MileagePlus, Hilton Honors, and Marriott Bonvoy—is built on the same platform. The backend comes from the… Read More »
Getty Images reader comments 47 with A US senator is calling on the Justice Department to hold Microsoft responsible for “negligent cybersecurity practices” that enabled Chinese espionage hackers to steal hundreds of thousands of emails from cloud customers, including officials in the US Departments of State and Commerce. “Holding Microsoft responsible for its negligence will… Read More »
Enlarge / The number of deepfakes used in scams in just the first three months of 2023 outstripped all of 2022. FT Montage/Getty Images reader comments 18 with When Progress Corp, the Massachusetts-based maker of business software, revealed its file transfer system had been compromised this month, the issue quickly gathered global significance. A Russian-speaking… Read More »