Roku is now creating two-factor authentication (2FA) mandatory for its users after two separate incidents where customer accounts were compromised. Approximately 591,000 customers were affected earlier this year: The first…
Category: Cyber Security
Defense Award Launches Purdue Project to Strengthen Cyber-Physical Systems
PRESS RELEASE WEST LAFAYETTE, Ind. — Hiccups and failures in consumer cyber-physical systems such as smart gadgets and appliances are inconvenient and annoying. But in mission-critical applications for the Department…
Cisco Duo Multi-Factor Authentication Service Breach
A third-party provider that handles telephony for Cisco’s Duo multi-factor authentication (MFA) service has been compromised in a social engineering cyberattack. Cisco Duo customers have now been warned to be…
The role of just-in-time privileged access in the evolution of security
April 15, 2024News about hackersActive Directory/Attack Surface To minimize the risk of privilege abuse, a trend in the privileged access management (PAM) solution market is to implement just-in-time (JIT) privileged…
Microsoft wants you to watch what it says, not what it does
COMMENT In the middle of the assembly criticisms AND regulatory control of its anticompetitive practices, Microsoft, in late February, announced a series of Principles of access to AI which it…
Intel and Lenovo BMCs contain unpatched Lighttpd server flaws
April 15, 2024PressroomFirmware security/vulnerabilities A security flaw affecting the Lighttpd web server used in baseboard management controllers (BMCs) has not been fixed by device vendors such as Intel and Lenovo,…
Iran-backed hackers send threatening messages to Israelis
Israeli citizens have received threatening text messages allegedly from an Iranian-backed hacking team warning that they have hijacked the nation’s radar systems, stating: “You only have a few hours to…
Confused Libra shifts focus to SaaS and Cloud for extortion and data theft attacks
April 15, 2024PressroomCloud Security/SaaS Security The menacing actor known as Confused Libra has been observed actively targeting software-as-a-service (SaaS) applications and cloud service provider (CSP) environments in an attempt to…
Web3 Game Developers Targeted by Cryptocurrency Theft Scheme
A Russian threat actor is making inroads game developers with fraudulent Web3 game projects releasing multiple infostealer variants on MacOS and Windows devices. According to Recorded Future’s Insikt Group, which…
Launching rockets for innovation, but beware the darkness ahead
Imagine a world where the software that powers your favorite apps, protects your online transactions, and maintains your digital life could be outsmarted and taken over by a cleverly disguised…