Microsoft and authentication services provider Okta said they are investigating claims of a potential breach alleged by the LAPSUS$ extortionist gang. The development, which was first reported by Vice and Reuters, comes after the cyber criminal group posted screenshots and source code of what it said were the companies' internal projects and systems on its Telegram channel. The … [Read more...] about LAPSUS$ Hackers Claim to Have Breached Microsoft and Authentication Firm Okta
Breached
Hackers Breached Colonial Pipeline Using Compromised VPN Password
The ransomware cartel that masterminded the Colonial Pipeline attack early last month crippled the pipeline operator's network using a compromised virtual private network (VPN) account password, the latest investigation into the incident has revealed. The development, which was reported by Bloomberg on Friday, involved gaining an initial foothold into the networks as early as … [Read more...] about Hackers Breached Colonial Pipeline Using Compromised VPN Password
SolarWinds Hackers Also Breached Malwarebytes Cybersecurity Firm
Malwarebytes on Tuesday said it was breached by the same group who broke into SolarWinds to access some of its internal emails, making it the fourth major cybersecurity vendor to be targeted after FireEye, Microsoft, and CrowdStrike. The company said its intrusion was not the result of a SolarWinds compromise, but rather due to a separate initial access vector that works by … [Read more...] about SolarWinds Hackers Also Breached Malwarebytes Cybersecurity Firm
Police Arrest 21 WeLeakInfo Customers Who Bought Breached Personal Data
21 people have been arrested across the UK as part of a nationwide cyber crackdown targeting customers of WeLeakInfo[.]com, a now-defunct online service that had been previously selling access to data hacked from other websites. The suspects used stolen personal credentials to commit further cyber and fraud offences, the NCA said. Of the 21 arrested—all men aged between 18 and … [Read more...] about Police Arrest 21 WeLeakInfo Customers Who Bought Breached Personal Data
A Second Hacker Group May Have Also Breached SolarWinds, Microsoft Says
As the probe into the SolarWinds supply chain attack continues, new digital forensic evidence has brought to light that a separate threat actor may have been abusing the IT infrastructure provider's Orion software to drop a similar persistent backdoor on target systems. "The investigation of the whole SolarWinds compromise led to the discovery of an additional malware that also … [Read more...] about A Second Hacker Group May Have Also Breached SolarWinds, Microsoft Says
Microsoft Says Its Systems Were Also Breached in Massive SolarWinds Hack
The massive state-sponsored espionage campaign that compromised software maker SolarWinds also targeted Microsoft, as the unfolding investigation into the hacking spree reveals the incident may have been far more wider in scope, sophistication, and impact than previously thought. News of Microsoft's compromise was first reported by Reuters, which also said the company's own … [Read more...] about Microsoft Says Its Systems Were Also Breached in Massive SolarWinds Hack
How Organizations Can Prevent Users from Using Breached Passwords
There is no question that attackers are going after your sensitive account data. Passwords have long been a target of those looking to compromise your environment. Why would an attacker take the long, complicated way if they have the keys to the front door? No matter how extensive your security solutions are, protecting the various systems in your environment, your organization … [Read more...] about How Organizations Can Prevent Users from Using Breached Passwords
Report Reveals TeamViewer Was Breached By Chinese Hackers In 2016
The German software company behind TeamViewer, one of the most popular software in the world that allows users to access and share their desktops remotely, was reportedly compromised in 2016, the German newspaper Der Spiegel revealed today.TeamViewer is popular remote-support software that allows you to securely share your desktop or take full control of other's PC over the … [Read more...] about Report Reveals TeamViewer Was Breached By Chinese Hackers In 2016