Okta
Fresh Okta breach exposes files: HAR, but no laughing matter
The attackers used a "stolen credential to access Okta's support case management system"
Vodafone
Vodafone wins £52 million gas CNI network contract
The contract, effective early September, will see Vodafone link National Gas operational control centres, critical national infrastructure (CNI) data centres and remote sites
Cisco
Incident response exercises urged after mass Cisco device exploitation
Cisco says patch pending October 22 for what transpires to have been two discrete zero days...
AWS
AWS’s S3 data replication falters in US-EAST-1 as hyperscaler tackles "backlog"
" our engineers have been focused on mitigating the impact of the delayed replication through changes made to replication subsystems, resource adjustments and other modifications"
NSA
Top 10 misconfigurations: NSA checklist for CISOs flags Active Directory Certificate Services
"In some cases, the actor may be restricted or detected by advanced defense-in-depth and zero trust implementations as well, but this has been a rare finding in assessments thus far"
nuclear
UK nuclear firms get code red warning over cybersecurity failings
Cybersecurity failures "escalated…to significantly enhanced attention"
IAM
How EQ banked on Boundary for IAM long before GA
Challenger bank makes a bold choice for new identity and access management program
Banking
Goldman Sachs stung as it dumps fintech, commercial real estate losses mount
Commercial real estate losses show scale of "remote work" damage on CRE area.
Epic
Epic relies on Nomad to keep gamers’ fantasy islands afloat
Kubernetes would have meant “monumental” amount of work
Cisco
CVSS 10 Cisco bug is getting exploited, has no patch
"We have also seen devices... getting the implant successfully installed through an as of yet undetermined mechanism."
Palantir
Government warned on free (and competition-free) Palantir contracts over Ukraine scheme
HMG's Chief Commercial Officer wrote to the data software firm to raise concerns, which it rejects.
Cybersecurity
Security veterans team up to tackle “Cyber Poverty”
"Because of the interconnected nature of our supply chain, the ramifications of a single incident in these underserved less cyber mature pockets can have devastating downstream impact..."