Cisco Duo’s Multifactor Authentication Service Breached
A third-party telephony service provider for Cisco Duo falls prey to social engineering, and the company advises customer vigilance against…
Why CISA is Warning CISOs About a Breach at Sisense
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense,…
CISA orders agencies impacted by Microsoft hack to mitigate risks
CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple…
Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack
The U.S. Department of Homeland Security's Cyber Safety Review Board (CSRB) has released a scathing report on how Microsoft handled…
New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts
Cybercriminals have been increasingly using a new phishing-as-a-service (PhaaS) platform named 'Tycoon 2FA' to target Microsoft 365 and Gmail accounts and…
Ukraine aid could be saved by obscure congressional rules, Reagan-era politics, Boll Weevils and Gypsy Moths
An obscure congressional rule could force the House to vote on Ukraine aid without Speaker Johnson's blessing, but the last…
How the Ukraine aid debate could bring back a House infestation of boll weevils and gypsy moths
A discharge petition are methods for a majority of House members to bypass the House Speaker, some members of Congress…
New Windows Server updates cause domain controller crashes, reboots
The March 2024 Windows Server updates are causing some domain controllers to crash and restart, according to widespread reports from Windows administrators.…
Bitcoin Fog mixer operator convicted for laundering $400 million
Russian-Swedish national Roman Sterlingov was convicted by a federal jury in Washington, D.C., for operating Bitcoin Fog between 2011 and…
Exploit available for new critical TeamCity auth bypass bug, patch now
A critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control…