» Blog

Summary The threat actor known as Intel Broker has allegedly claimed responsibility for a major data breach at technology firm Cisco, stealing sensitive information, including source codes, credentials, and confidential documents. The breach allegedly occurred on October 6 or June 10, 2024, depending on date format, with Intel Broker announcing the theft on Breach Forums on October…

Summary Adobe Commerce and Magento online stores are being targeted in CosmicSting attacks at an increasingly scaling rate, with threat actors hacking approximately 5% of all Adobe Commerce and Magento stores. The CosmicSting vulnerability, designated CVE-2024-34102, is a critical severity information disclosure flaw; when chained with CVE-2024-2961, a security issue in glibc’s iconv function, an attacker can achieve…

Researchers from BitSight Technologies’ TRACE team have uncovered several critical zero-day vulnerabilities in six Automatic Tank Gauge (ATG) systems from five different vendors. If these vulnerabilities are weaponized, malicious actors could exploit industrial control systems (ICS) used in critical infrastructure sectors, including retail and hospitality, potentially causing harm, including physical destruction, environmental risks, and financial losses….

Yubico and Microsoft deliver strong identity, endpoint and access controls to Hyatt’s global operations Hyatt Hotels Corporation is one of the world’s most well-recognized and respected hospitality brands with approximately 1,500 hotel and all-inclusive properties spanning across 70 countries. With so many properties and employees spread out across the globe, it is a daunting task…

Modern Authentication is the Word on the Street A few months ago, I attended the RH-ISAC Spring Summit 2024 to discuss all things Identity and Access Management (IAM) with practitioners at companies of all sizes. The best part of these interactions was the pure joy and pride these experts had while talking about their identity…