Jul 15, 2023THNCyber Attack / Enterprise Security Microsoft on Friday said a validation error in its source code allowed for Azure Active Directory (Azure AD) tokens to be forged by a malicious actor known as Storm-0558 using a Microsoft account (MSA) consumer signing key to breach two dozen organizations. "Storm-0558 acquired an inactive MSA consumer signing key and used it … [Read more...] about Microsoft Bug Allowed Hackers to Breach Over Two Dozen Organizations via Forged Azure AD Tokens
Breach
Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach
Apr 22, 2023Ravie LakshmananSupply Chain / Cyber Threat Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also breached two critical infrastructure organizations in the power and energy sector and two other businesses involved in financial trading using the trojanized X_TRADER application. The new findings, which come … [Read more...] about Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach
Reddit Suffers Security Breach Exposing Internal Documents and Source Code
Feb 10, 2023Ravie LakshmananData Breach / Source Code Popular social news aggregation platform Reddit has disclosed that it was the victim of a security incident that enabled unidentified threat actors to gain unauthorized access to internal documents, code, and some unspecified business systems. The company blamed it on a "sophisticated and highly-targeted phishing attack" … [Read more...] about Reddit Suffers Security Breach Exposing Internal Documents and Source Code
Hackers Abused Microsoft’s “Verified Publisher” OAuth Apps to Breach Corporate Email Accounts
Feb 01, 2023Ravie LakshmananEnterprise Security / Authentication Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network (MPN) accounts that were used for creating malicious OAuth applications as part of a malicious campaign designed to breach organizations' cloud environments and steal email. "The applications created by these fraudulent actors were … [Read more...] about Hackers Abused Microsoft’s “Verified Publisher” OAuth Apps to Breach Corporate Email Accounts
LastPass Parent Company GoTo Suffers Data Breach, Customers’ Backups Compromised
Jan 25, 2023Ravie LakshmananData Breach / Remote Work Tool LastPass-owner GoTo (formerly LogMeIn) on Tuesday disclosed that unidentified threat actors were able to steal encrypted backups of some customers' data along with an encryption key for some of those backups in a November 2022 incident. The breach, which targeted a third-party cloud storage service, impacted Central, … [Read more...] about LastPass Parent Company GoTo Suffers Data Breach, Customers’ Backups Compromised
Mailchimp Suffers Another Security Breach Compromising Some Customers’ Information
Jan 19, 2023Ravie LakshmananEmail Security / Security Breach Popular email marketing and newsletter service Mailchimp has disclosed yet another security breach that enabled threat actors to access an internal support and account admin tool to obtain information about 133 customers. "The unauthorized actor conducted a social engineering attack on Mailchimp employees and … [Read more...] about Mailchimp Suffers Another Security Breach Compromising Some Customers’ Information
Hackers Breach Okta’s GitHub Repositories, Steal Source Code
Dec 22, 2022Ravie LakshmananSoftware Security / Data Breach Okta, a company that provides identity and access management services, disclosed on Wednesday that some of its source code repositories were accessed in an unauthorized manner earlier this month. "There is no impact to any customers, including any HIPAA, FedRAMP or DoD customers," the company said in a public … [Read more...] about Hackers Breach Okta’s GitHub Repositories, Steal Source Code
Twilio Reveals Another Breach from the Same Hackers Behind the August Hack
Communication services provider Twilio this week disclosed that it experienced another "brief security incident" in June 2022 perpetrated by the same threat actor behind the August hack that resulted in unauthorized access of customer information. The security event occurred on June 29, 2022, the company said in an updated advisory shared this week, as part of its probe into … [Read more...] about Twilio Reveals Another Breach from the Same Hackers Behind the August Hack
Uber Claims No Sensitive Data Exposed in Latest Breach… But There’s More to This
Uber, in an update, said there is "no evidence" that users' private information was compromised in a breach of its internal computer systems that was discovered late Thursday. "We have no evidence that the incident involved access to sensitive user data (like trip history)," the company said. "All of our services including Uber, Uber Eats, Uber Freight, and the Uber Driver app … [Read more...] about Uber Claims No Sensitive Data Exposed in Latest Breach… But There’s More to This
Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks
The operators behind the Lornenz ransomware operation have been observed exploiting a now-patched critical security flaw in Mitel MiVoice Connect to obtain a foothold into target environments for follow-on malicious activities. "Initial malicious activity originated from a Mitel appliance sitting on the network perimeter," researchers from cybersecurity firm Arctic Wolf said in … [Read more...] about Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks