Okta warns that a Customer Identity Cloud (CIC) feature is being targeted in credential stuffing attacks, stating that numerous customers have been targeted since April. Okta is a leading identity and access management company providing cloud-based solutions for secure access to apps, websites, and devices. It offers single sign-on (SSO), multi-factor authentication (MFA), universal directory, API…
Read More
May 29, 2024NewsroomEnterprise Security / Vulnerability Check Point is warning of a zero-day vulnerability in its Network Security gateway products that threat actors have exploited in the wild. Tracked as CVE-2024-24919, the issue impacts CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark appliances. “The vulnerability potentially allows an attacker to…
Read More
Brazilian banking institutions are the target of a new campaign that distributes a custom variant of the Windows-based AllaKore remote access trojan (RAT) called AllaSenha. The malware is “specifically aimed at stealing credentials that are required to access Brazilian bank accounts, [and] leverages Azure cloud as command-and-control (C2) infrastructure,” French cybersecurity company HarfangLab said in…
Read More
‘When we look at what’s in our pipeline, it is increasingly filled with newer technologies. That tells us that those newer offerings, whether they’re around cloud, around AI, around quantum, around digital workplace, are really getting the buyers’ attention,’ says Unisys’ Chairman and CEO Peter Altabef. While global IT solution provider Unisys can trace its…
Read More
The digital trust measurement gap Understanding and measuring digital trust can directly link digital trust to top line revenue, market share, and other indicators, ISACA found. But not all organizations are keeping track of digital trust. Of those measuring it, 94% agreed digital trust it’s extremely or very important to their organization, yet only 23%…
Read More
Check Point has released hotfixes for a VPN zero-day vulnerability exploited in attacks to gain remote access to firewalls and attempt to breach corporate networks. On Monday, the company first warned about a spike in attacks targeting VPN devices, sharing recommendations on how admins can protect their devices. Later, it discovered the source of the…
Read More
The user clicks a “log in with WhatsApp” button on a website or scans a QR code, which results in a code appearing in WhatsApp. The user hits “send” on this message as if it’s from them and they are automatically logged in to the site. This works as a basic form of MFA because…
Read More
Customer AI spending, Data Cloud traction and MuleSoft progress are expected to come up. A pulse on customer spending on artificial intelligence. Traction in Data Cloud and Einstein 1. And continuing progress in MuleSoft. These are some of the major topics expected to come up Wednesday during Salesforce’s earnings call for its first fiscal quarter,…
Read More
A recent study by Wing Security found that 63% of businesses may have former employees with access to organizational data, and that automating SaaS Security can help mitigate offboarding risks. Employee offboarding is typically seen as a routine administrative task, but it can pose substantial security risks, if not handled correctly. Failing to quickly and…
Read More
May 29, 2024NewsroomCybercrime / Cybersecurity The U.S. Department of Justice (DoJ) has sentenced a 31-year-old to 10 years in prison for laundering more than $4.5 million through business email compromise (BEC) schemes and romance scams. Malachi Mullings, 31, of Sandy Springs, Georgia pleaded guilty to the money laundering offenses in January 2023. According to court…
Read More