Google Cloud mandates MFA by end of 2025

Google Cloud on Nov. 4 told the business community that it plans to implement mandatory multi-factor authentication (MFA) in three phases starting now and continuing to the end of 2025. In a blog post, the company said mandatory MFA will affect all Google Cloud customers, including business customers and individual developers who access the Google […]

Updated Strela Stealer malware hits Germany, Spain

Attacks with a more potent and covert iteration of the Strela Stealer email credential stealer have been deployed in Central and Southwestern Europe, particularly Germany and Spain as part of a new attack campaign, reports Cybernews. Malicious emails purporting to be invoices that contain ZIP attachments have been delivered to facilitate the execution of a […]

New Army Cyber Command AI tool shows promise in bolstering Pentagon network defenses

Army Cyber Command’s artificial intelligence tool Panoptic Junction was noted by Cyber Command Executive Director Morgan Adamski to have exhibited promise in bolstering threat intelligence analysis and malicious cyber activity detection throughout its pilot testing period that commenced in April, DefenseScoop reports. Aside from enabling simultaneous network risk evaluations and threat intelligence delivery, Panopticon Junction […]

Ransomware landscape dominated by RansomHub

Nineteen percent of all ransomware attack victims in September were compromised by the RansomHub operation, making it the most active ransomware gang despite only emerging in February, Cybernews reports. Play, Qilin, Medusa, and LockBit — which was the dominant ransomware operation in 2022 and 2023 before being subjected to law enforcement crackdowns this year — […]

Dstat.cc DDoS platform disrupted in global crackdown

BleepingComputer reports that German law enforcement has led the disruption of the distributed denial-of-service review platform Dstat.cc, with the sequestration of the site and the arrests of its suspected leaders, who also managed Flight RCS marketplace for synthetic drugs, as part of the global Operation PowerOFF effort against DDoS-for-hire platforms. Pro-Russian hacktivist operations Killnet and […]

US jails real estate phisher

The U.S. Department of Justice announced that Nigerian hacker Kolade Akinwale Ojelade has been sentenced to more than 26 years imprisonment for his involvement in a massive phishing scam against real estate businesses that resulted in the theft of $12 million. Source link

Telecom Acquisitions and KCOM sign strategic partnership 

News The agreement is set to come into effect on November 19  Telecom Acquisitions Limited (TAL) has announced the signing of a wholesale partnership with KCOM, the main broadband provider in Hull, East Yorkshire, and North Lincolnshire. Through the deal, TAL’s Eclipse Broadband brand will now offer services on KCOM’s expanded fibre network in these […]

FBI: US facing escalating fraudulent emergency data requests

Most recent evidence of ramping EDR exploitation was a posting of “high-quality” .gov emails, including U.S. credentials, on a hacking forum in August, with the known threat actor offering guidance on EDRs and the sale of legitimate subpoena documents to impersonate law enforcement. Source link

Market and Buyer’s Guide for Customer Identity and Access Management 2024

A major challenge in CIAM is managing fragmented and unreliable identity data, with 75% of businesses facing issues from inconsistent data sources, inadequate identity verification, and poor data governance. Data privacy regulations further complicate this by restricting data collection and enforcing region-specific compliance, making managing identities across an organization challenging. This complexity requires a balance […]