Roku has disclosed a data breach impacting over 15,000 customers after hacked accounts were used to make fraudulent purchases of hardware and streaming subscriptions. (BleepingComputer)
“The reuse of username and password pairs continues to pose a significant security risk, as it provides threat actors with an easily exploitable advantage. It is likely that Roku account holders affected by breaches may also find other accounts compromised, owing to the likelihood these credentials were obtained from a prior breach and/or leak. Unfortunately, credential-stuffing attacks are prevalent and are successful enough to remain so. Set aside time to review your accounts, at the minimum to ensure you still have sole control over them. You may be surprised how many still share logins and/or do not have MFA enabled.” – Jessica Owens, Senior SOC Analyst at Ingalls Information Security
The Cybersecurity and Infrastructure Security Agency (CISA) has taken two systems offline in response to a compromise by Ivanti, a security software company. The decision was made to mitigate potential risks posed by the breach. Ivanti confirmed the incident and stated that the compromise was limited to a single software package. CISA's action underscores the severity with which government agencies respond to cybersecurity threats, particularly in safeguarding critical infrastructure. (The Record)
A high-severity Kubernetes vulnerability tracked as CVE-2023-5528 can be exploited to execute arbitrary code on Windows endpoints. (SecurityWeek)
CVE-2024-48788, like many other recent Fortinet flaws, will likely be an attractive target, especially for nation-state-backed actors. (Dark Reading)
Stanford University says the personal information of 27,000 individuals was stolen in a ransomware attack impacting its Department of Public Safety (SUDPS) network. (BleepingComputer)
Microsoft says the Russian government-backed hacking team that broke into its corporate network and spied on senior executives also stole source code and may still be poking around its internal computer systems. (SecurityWeek)
Microsoft announced today that it would end support for Windows 10 21H2 in June when the Enterprise and Education editions reach the end of service. (BleepingComputer)
The China-linked threat actor known as Evasive Panda orchestrated both watering hole and supply chain attacks targeting Tibetan users at least since September 2023. The end goal of the attacks is to deliver malicious downloaders for Windows and macOS that deploy a known backdoor called MgBot and a previously undocumented Windows implant known as Nightdoor. (The Hacker News)
With the help of Interpol's cybercrime unit, Brazilian authorities recently made headway in combatting the infamous Grandoreiro banking Trojan operation with the arrest of five suspects allegedly associated with the group. (Dark Reading)