Okta’s GitHub source code repositories hacked
Okta, a leading solution provider of identity and access management solutions, has confirmed their private GitHub repositories were hacked this month.
Securezoo Cybersecurity Threat Center blog posts of new cybersecurity attacks.
Okta, a leading solution provider of identity and access management solutions, has confirmed their private GitHub repositories were hacked this month.
Microsoft researchers have detected a cross-platform botnet designed to infect Windows, Linux, and IoT devices. The botnet dubbed “MCCrash” then launches distributed denial of service (DDoS) attacks against private Minecraft servers.
AÂ ransomware-as-a-service group has released a new variant of Agenda ransomware written in Rust, designed to target more companies from different countries. The group has also posted company victims online, threatening to publish private files.
The Cybersecurity and Infrastructure Security Agency (CISA) has added six vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include iOS, Microsoft, Fortinet, Citrix and Veeam vulnerabilities.
Security researchers have spotted a unique botnet dubbed Zerobot exploiting 21 IoT, network and other vulnerabilities, such as F5 BIG-IP, D-Link, Zyxel, Spring4Shell and other flaws.
Cloud computing services company Rackspace has reported a security incident involving Hosted Exchange services.
The Microsoft Detection and Response Team (DART) has spotted an increase in attackers using token theft in the cloud to compromise corporate systems while bypassing multi-factor authentication (MFA) and other authentication controls.
The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have published a joint security alert for multiple vulnerabilities against Zimbra Collaboration Suite (ZCS).
The FBI, NSA and CISA coauthored a joint Cybersecurity Advisory detailing how People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit common, publicly known vulnerabilities used since 2020 to “actively target U.S. and allied networks.”
Microsoft has disabled Basic authentication in Exchange Online tenants to help fight against password spray attacks. Attackers are stepping up attacks in anticipation, Microsoft warns.