Security Bulletin

Suspicious activity has been identified by widely used password manager 1Password in an Okta instance leveraged for employee-facing app management, which has been confirmed to be related to the compromise of Okta's customer support management system...

BleepingComputer reports that QNAP has worked with Digital Ocean to dismantle a command-and-control server leveraged to facilitate far-reaching brute-force attacks aimed at vulnerable QNAP network-attached storage devices just two days after...

Industrial control system and operational technology cybersecurity firm Verve Industrial Protection is set to be acquired by major industrial technology provider Rockwell Automation following the signing of a definitive agreement, reports...

Updates to the National Cyber Incident Response Plan are being worked on by the Cybersecurity and Infrastructure Security Agency and the Office of the National Cyber Director after being mandated as part of the 2023 National Cybersecurity Strategy...

SiliconAngle reports that organizations in the hospitality industry have been subjected to increasingly sophisticated phishing attacks that involved Domain Name System protocol exploitation to evade detection.

Suspected Indian state-sponsored threat operation DoNot Team, also known as APT-C-35, SECTOR02, and Origami Elephant, have targeted organizations in Afghanistan and Pakistan with the novel Firebird backdoor in recent attacks, according to The Hacker...

Alfa-Bank, the largest private bank in Russia, was confirmed by a source from the SBU to have been hacked in a joint operation by Ukrainian hacktivist groups KibOrg and NLB and the country's security agency last week, reports The Record, a news site...

New DLL side-loading has been leveraged by the Quasar RAT backdoor, also known as CinaRAT or Yggdrasil, to further obscure malicious data exfiltration activities against Windows devices, The Hacker News reports.

Organizations should focus on four key areas to advance employee education and "cyber smartness."