Okta, a leading provider of authentication services and Identity and Access Management (IAM) solutions, says that its private GitHub repositories were hacked this month. According to a 'confidential' email notification sent by Okta and seen by BleepingComputer, the security incident involves threat actors stealing Okta's source code. BleepingComputer has obtained a 'confidential' security incident notification that Okta has been emailing to its 'security contacts' as of a few hours ago.
Millions of people likely just received an email or snail mail notice saying they're eligible to claim a class action payment in connection with the 2017 megabreach at consumer credit bureau Equifax. Given the high volume of reader inquiries about this, it seemed worth pointing out that while this particular offer is legit (if paltry), scammers are likely to soon capitalize on public attention to the settlement money.
A pair of men living in New York, working with unnamed Russian nationals, hacked and manipulated the electronic taxi dispatch system at John F. Kennedy International Airport as part of a money-making scheme over a period of at least two years, federal prosecutors said Tuesday. Starting in at least September 2019, Daniel Abayev and Peter Leyman ran a pay-to-play system for cabbies who could jump the line instead of idling in a holding lot until hailed by a dispatcher.
German industrial engineering and steel production giant Thyssenkrupp has again confirmed being targeted by cybercriminals. The company told SecurityWeek that 'organized crime' is believed to be behind the attack. "Parts of the Materials Services and Corporate segment of Thyssenkrupp are currently affected. The possibility of the other segments and business units being affected can be ruled out at this time," a spokesperson of Thyssenkrupp Materials Services said in an emailed statement.
An Android banking malware named 'Godfather' has been targeting users in 16 countries, attempting to steal account credentials for over 400 online banking sites and cryptocurrency exchanges. The malware generates login screens overlaid on top of the banking and crypto exchange apps' login forms when victims attempt to log in to the site, tricking the user into entering their credentials on well-crafted HTML phishing pages.
It's likely the group behind the worm called Raspberry Robin is just testing the waters - launching attacks against telecommunications companies and governments across Australia, Europe, and Latin America to see how far their malware can spread - for now. Researchers at Trend Micro have been tracking Raspberry Robin since September and are warning the worm is notable for its 10 layers of obfuscation and its ability to deploy a fake payload to throw off detection efforts.
A newly pioneered technique could render endpoint detection and response (EDR) platforms "blind" by unhooking the user-facing mode of the Windows kernel (NTDLL) from hardware breakpoints. This potentially gives malicious actors the ability to execute any function from within NTDLL and deliver it, without the EDR knowing it, researchers warned. The Cymulate Offensive Research Group noted in a report released Dec. 19 that the injected commands could be used to perform any number of operations.
Chinese video surveillance company Hikvision has patched a critical vulnerability in some of its wireless bridge products. The flaw can lead to remote CCTV hacking, according to the researchers who found it. In an advisory published on December 16, Hikvision revealed that two of its wireless bridge products, designed for elevator and other video surveillance systems, are affected by CVE-2022-28173, a critical access control vulnerability.