Identity and access management vendor Okta has confirmed a security breach in its support case management system due to stolen credentials. Okta customer BeyondTrust reportedly detected the theft earlier this month and alerted Okta of suspicious activity on its platform. The breach allowed unknown operators to view customer support case files with potential to impersonate valid users. Okta has notified affected customers and took preventive measures, including revoking embedded session tokens and adjusting the handling of HTTP Archive files.
GuidePoint warns of Python backdoor used in ransomware
GuidePoint Security identified a threat actor using a Python-based backdoor to persistently access breached endpoints and release RansomHub encryptors across compromised networks. The backdoor was