CyberSecurity updates
Updated: 2024-11-23 09:33:13 Pacfic

ciso2ciso.com
Iranian Hackers Target Microsoft 365 and Citrix Systems with MFA Push Bombing - 4d

Iranian hackers are targeting organizations with a sophisticated multi-factor authentication (MFA) push-bombing attack, aiming to compromise their Microsoft 365, Azure, and Citrix Systems accounts. This attack involves sending a barrage of MFA push notifications to a victim’s device, overwhelming them with authentication requests and potentially tricking them into approving a malicious login.
The attackers exploit the user’s trust in MFA and their desire to quickly clear the notifications. This attack highlights the importance of implementing robust MFA strategies, including the use of advanced MFA solutions and security awareness training for employees. Organizations should also be wary of suspicious activity related to MFA notifications and promptly investigate any unusual behavior.

crowdstrike.com
Anonymous Sudan DDoS Attacks Disrupted, Operators Indicted - 5d

The U.S. Department of Justice has indicted two Sudanese brothers suspected of being the operators of Anonymous Sudan, a notorious hacktivist group known for conducting over 35,000 DDoS attacks in a year. The group has been responsible for targeting various entities, including hospitals, government facilities, and critical infrastructure in Los Angeles and around the world. The indictment marks a significant step towards disrupting the group’s activities and holding its members accountable for their actions.


This site is an experimental news aggregator using feeds I personally follow. You can reach me at Bluesky if you have feedback or comments.