Breach

Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned

Nov 1, 2024 by iHash Leave a Comment

Nov 01, 2024Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE, is estimated to have collected over 10,000 private repositories and … [Read more...] about Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned

Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts

Aug 16, 2024 by iHash Leave a Comment

Aug 16, 2024Ravie LakshmananCloud Security / Application Security A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files (.env) that contain credentials associated with cloud and social media applications. "Multiple security missteps were present in the course of this campaign, including the … [Read more...] about Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts

AT&T Confirms Data Breach Affecting Nearly All Wireless Customers

Jul 13, 2024 by iHash Leave a Comment

American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to "nearly all" of its wireless customers as well as customers of mobile virtual network operators (MVNOs) using AT&T's wireless network. "Threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25, … [Read more...] about AT&T Confirms Data Breach Affecting Nearly All Wireless Customers

U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers

Apr 3, 2024 by iHash Leave a Comment

Apr 03, 2024NewsroomData Breach / Incident Response The U.S. Cyber Safety Review Board (CSRB) has criticized Microsoft for a series of security lapses that led to the breach of nearly two dozen companies across Europe and the U.S. by a China-based nation-state group called Storm-0558 last year. The findings, released by the Department of Homeland Security (DHS) on Tuesday, … [Read more...] about U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers

MongoDB Suffers Security Breach, Exposing Customer Data

Dec 17, 2023 by iHash Leave a Comment

Dec 17, 2023NewsroomCyber Attack / Data Security MongoDB on Saturday disclosed it's actively investigating a security incident that has led to unauthorized access to "certain" corporate systems, resulting in the exposure of customer account metadata and contact information. The American database software company said it first detected anomalous activity on December 13, 2023, … [Read more...] about MongoDB Suffers Security Breach, Exposing Customer Data

Crypto Hardware Wallet Ledger’s Supply Chain Breach Results in $600,000 Theft

Dec 15, 2023 by iHash Leave a Comment

Dec 15, 2023NewsroomCryptocurrency / Malware Crypto hardware wallet maker Ledger published a new version of its "@ledgerhq/connect-kit" npm module after unidentified threat actors pushed malicious code that led to the theft of more than $600,000 in virtual assets. The compromise was the result of a former employee falling victim to a phishing attack, the company said in a … [Read more...] about Crypto Hardware Wallet Ledger’s Supply Chain Breach Results in $600,000 Theft

Okta’s Recent Customer Support Data Breach Impacted 134 Customers

Nov 4, 2023 by iHash Leave a Comment

Nov 04, 2023NewsroomData Breach / Cyber Attack Identity and authentication management provider Okta on Friday disclosed that the recent support case management system breach affected 134 of its 18,400 customers. It further noted that the unauthorized intruder gained access to its systems from September 28 to October 17, 2023, and ultimately accessed HAR files containing … [Read more...] about Okta’s Recent Customer Support Data Breach Impacted 134 Customers

Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments

Nov 3, 2023 by iHash Leave a Comment

Nov 03, 2023NewsroomCloud Security / Linux The threat actors linked to Kinsing have been observed attempting to exploit the recently disclosed Linux privilege escalation flaw called Looney Tunables as part of a "new experimental campaign" designed to breach cloud environments. "Intriguingly, the attacker is also broadening the horizons of their cloud-native attacks by … [Read more...] about Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments

Okta’s Support System Breach Exposes Customer Data to Unidentified Threat Actors

Oct 21, 2023 by iHash Leave a Comment

Oct 21, 2023NewsroomData Breach / Cyber Attack Identity services provider Okta on Friday disclosed a new security incident that allowed unidentified threat actors to leverage stolen credentials to access its support case management system. "The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases," David Bradbury, Okta's … [Read more...] about Okta’s Support System Breach Exposes Customer Data to Unidentified Threat Actors

New 2023 SEC Breach Disclosure Rules

Aug 8, 2023 by iHash Leave a Comment

The U.S. Securities and Exchange Commission (SEC) this week voted to adopt new rules for how companies inform investors about cybersecurity concerns. The vote comes after years of gradually increasing guidance and scrutiny over companies’ handling of cybersecurity events and follows a lengthy comment period where companies, including CrowdStrike, provided input. The new rules, … [Read more...] about New 2023 SEC Breach Disclosure Rules

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54