Okta Breach Widens to Affect 100% of Customer Base
Early disclosures related to September compromise insisted less than 1% of Okta customers were impacted; now, the company says it was all of them.
darkreading – Read More
Google Workspace Security: DeleFriend Vulnerability Could Allow Unwanted Access to APIs
Hunters researchers noted the vulnerability could lead to privilege escalation. Google said the report “does not identify an underlying security issue in our products.”
Security | TechRepublic – Read More
Associated Press, ESPN, CBS among top sites serving fake virus alerts
Threat actors dabbles in obfuscation and evasion techniques. However, as previously detailed by Confiant, they are using much more advanced tricks. Their JavaScript uses obfuscation with changing variable names, making identification harder.
Cyware News – Latest Cyber News – Read More
Apple Patches WebKit Flaws Exploited on Older iPhones
Cupertino’s security response team said it was aware of a report the flaws were already exploited against versions of iOS before iOS 16.7.1.
The post Apple Patches WebKit Flaws Exploited on Older iPhones appeared first on SecurityWeek.
SecurityWeek – Read More
68% of US Websites Exposed to Bot Attacks
By Deeba Ahmed
The conclusion was reached after researchers evaluated over 9,500 of the largest transactional websites in terms of traffic,…
This is a post from HackRead.com Read the original post: 68% of US Websites Exposed to Bot Attacks
Hackread – Latest Cybersecurity News, Press Releases & Technology Today – Read More
Feds Seize ‘Sinbad’ Crypto Mixer Used by North Korea’s Lazarus
The prolific threat actor has laundered hundreds of millions of dollars in stolen virtual currency through the service.
darkreading – Read More
Google Fixes a Seventh Zero-Day Flaw in Chrome—Update Now
Plus: Major security patches from Microsoft, Mozilla, Atlassian, Cisco, and more.
Security Latest – Read More
Deluge of Nearly 300 Fake Apps Floods Iranian Banking Sector
No Iranian bank customers are safe from financially motivated cybercriminals wielding convincing but fake mobile apps.
darkreading – Read More
Google issues an emergency update to fix yet another zero-day exploit for Chrome. Here’s what to know
2023 has been a banner year for zero-day exploits in Chrome and Google has patched its 6th and this one is considered an “emergency.”
Latest stories for ZDNET in Security – Read More
Claiming Zoom Rooms Service Accounts to Gain Access to Tenants
The finding highlights the potential misuse of service accounts to gain unauthorized access to SaaS systems. Abusing the bug enabled attackers to predict service account email addresses, hijack the accounts, and collect sensitive information.
Cyware News – Latest Cyber News – Read More