More Okta Customers Hacked
Attackers compromised customer support files containing cookies and session tokens, which could result in malicious impersonation of valid Okta users.
2023
From Snooze to Enthuse: Making Security Awareness Training ‘Sticky’
Most companies offer some kind of awareness training these days. But how much of those lessons are employees actually retaining?
Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover
SolarWinds' access controls contain five high-severity and three critical-severity security vulnerabilities that need to be patched yesterday.
Cisco Finds New Zero-Day Bug, Pledges Patches in Days
A patch for the max-severity zero-day bug tracked as CVE-2023-20198 is coming soon, but the bug has already led to…
DoD Gets Closer to Nominating Cyber Policy Chief
Though there is speculation regarding potential candidates, the Department of Defense will likely not nominate someone in the near term.
Ducktail Infostealer, DarkGate RAT Linked to Same Threat Actors
Vietnamese cybercrime groups are using multiple different MaaS infostealers and RATs to target the digital marketing sector.
SIM Card Ownership Slashed in Burkina Faso
Users could hold up to five SIM cards previously, but now they can only have two; it's a move that…
Change From Within: 3 Cybersecurity Transformation Traps for CISOs to Avoid
To make cybersecurity an organizationwide priority, CISOs must avoid these common input, empathy, and alignment obstacles.
What are Your Exception Expectations?
Cybersecurity exceptions are a fact of life in most organizations, but there's work that should be done to make sure…
CVE-2023-46604 Detection: HelloKitty Ransomware Maintainers Exploits RCE Vulnerability in Apache ActiveMQ
At the turn of November, hot over the heels of disclosing CVE-2023-43208, the Mirth Connect vulnerability, another security bug comes…