Security
Headlines
HeadlinesLatestCVEs

Source

DARKReading

Cisco Duo's Multifactor Authentication Service Breached

A third-party telephony service provider for Cisco Duo falls prey to social engineering, and the company advises customer vigilance against subsequent phishing attacks.

DARKReading
#microsoft#cisco#auth
Roku Mandates 2FA for Customers After Credential-Stuffing Compromise

Roku assures customers that no financial information was stolen and that any purchases made through user accounts have been reimbursed.

Palo Alto Network Issues Hotfixes for Zero-Day Bug in Its Firewall OS

A sophisticated threat actor is leveraging the bug to deploy a Python backdoor for stealing data and executing other malicious actions.

Iran-Backed Hackers Blast Out Threatening Texts to Israelis

Handala threat group claims to have hacked radar systems in Israel as tensions rise between the two nations.

Web3 Game Developers Targeted in Crypto Theft Scheme

A Russian-language cyberattack campaign impersonates legitimate game operations to spread various cross-platform infostealers.

CISA's Malware Analysis Platform Could Foster Better Threat Intel

But just how the government differentiates its platform from similar private-sector options remains to be seen.

New Tool Shields Organizations From NXDOMAIN Attacks

Akamai joins a growing list of security vendors aiming to strengthen companies' DNS defenses.

CISO Corner: Securing the AI Supply Chain; AI-Powered Security Platforms; Fighting for Cyber Awareness

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: facing hard truths in software security, and the latest guidance from the NSA.

CISA Issues Emergency Directive After Midnight Blizzard Microsoft Hits

Though Federal Civilian Executive Branch (FCEB) agencies are the primary targets, CISA encourages all organizations to up their security, given the high risk.

The Race for AI-Powered Security Platforms Heats Up

Microsoft, Google, and Simbian each offers generative AI systems that allow security operations teams to use natural language to automate cybersecurity tasks.