Please turn on your JavaScript for this page to function normally.
Okta breach post mortem reveals weaknesses exploited by attackers

The recent breach of the Okta Support system was carried out via a compromised service account with permissions to view and update customer support cases. “During our …

atlassian confluence
Atlassian Confluence data-wiping vulnerability exploited

Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, …

Microsoft launches new initiative to augment security

Nearly 22 years after Bill Gates announced a concerted Microsoft-wide push to deliver Trustworthy Computing, the company is launching the Secure Future Initiative, to boost …

ransomware
Attackers exploiting Apache ActiveMQ flaw to deliver ransomware (CVE-2023-46604)

Ransomware-wielding attackers are trying to break into servers running outdated versions of Apache ActiveMQ by exploiting a recently fixed vulnerability (CVE-2023-46604). …

F5
F5 BIG-IP vulnerabilities leveraged by attackers: What to do?

The two BIG-IP vulnerabilities (CVE-2023-46747, CVE-2023-46748) F5 Networks has recently released hotfixes for are being exploited by attackers in the wild, the company has …

MITRE ATT&CK
MITRE ATT&CK v14 released

MITRE has released MITRE ATT&CK v14, the newest iteration of its popular investigation framework / knowledge base of tactics and techniques employed by cyber attackers. …

Atlassian
Atlassian patches critical Confluence bug, urges for immediate action (CVE-2023-22518)

Atlassian is urging enterprise administrators to update their on-premises Confluence Data Center and Server installations quickly to plug a critical security vulnerability …

Citrix
Citrix Bleed: Mass exploitation in progress (CVE-2023-4966)

CVE-2023-4966, aka “Citrix Bleed”, a critical information disclosure vulnerability affecting Citrix NetScaler ADC/Gateway devices, is being massively exploited by …

Apple
Apple news: iLeakage attack, MAC address leakage bug

On Wednesday, Apple released security updates for all supported branches of iOS and iPadOS, macOS, tvOS, watchOS and Safari. This time around, the updates did not garner as …

Quishing
Quishing: Tricks to look out for

QR code phishing – aka “quishing” – is on the rise, according to HP, Darktrace, Malwarebytes, AusCERT, and many others. What are QR codes? QR codes are …

roundcube
Roundcube webmail zero-day exploited to spy on government entities (CVE-2023-5631)

The Winter Vivern APT group has been exploiting a zero-day vulnerability (CVE-2023-5631) in Roundcube webmail servers to spy on email communications of European governmental …

1Password
1Password also affected by Okta Support System breach

Following in the footsteps of BeyondTrust and CloudFlare, 1Password has revealed that it has been affected by the Okta Support System breach. “On September 29, we …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released whent there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools