Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Data Breaches

foresiet

Twilio's Authy App Breach: Millions of Phone Numbers Exposed

Jul 5, 2024 By Foresiet In Foresiet
Twilio, the cloud communications provider, has disclosed a security breach affecting its Authy app, exposing users' phone numbers due to an exploit in an unauthenticated endpoint. Understanding the Authy App Breach Twilio confirmed unauthorized access to an endpoint within Authy, leading to the exposure of data linked to Authy accounts, specifically users' cell phone numbers.
Read Post
protegrity

Enhancing Data Security in the Wake of Recent High-Profile Breaches

Jul 5, 2024 By Protegrity In Protegrity
Recent high-profile breaches at Ticketmaster and Santander, attributed to the ShinyHunters group, have brought the critical need for robust data protection measures to the forefront. ShinyHunters, a notorious cybercriminal group known for stealing data from various organizations for financial gain, has demonstrated how vulnerabilities in third-party platforms can lead to significant data breaches.
Read Post
keeper

Were You Part of the 2024 AT&T Breach? Don't Panic. Here's What to Do.

Jul 5, 2024 By Keeper In Keeper
If you were one of the 70+ million people affected by the 2024 AT&T data breach, you are likely concerned about the safety of your accounts and the risk of your identity being stolen. Although some of the data is from 2019 or earlier, according to AT&T, the 2024 data breach occurred this past March when stolen customer data was found on the dark web. If you were part of this data breach, your identity could be at risk of being stolen because customers’ Social Security numbers were exposed.
Read Post
vista infosec

Chip maker launches probe into data theft amid cybersecurity concerns

Jul 2, 2024 By Narendra Sahoo In VISTA InfoSec
American chip giant Advanced Micro Devices, Inc. (AMD) announced that it has launched a probe of a data breach carried out by a cybercriminal group called Intelbroker that led to several private documents and information being stolen which occurred early this month. In a statement to media outlets, the company spokesperson said that it is working closely with the authorities and a third-party hosting partner to investigate the impact of the breach.
Read Post
kovrr

Likely Disclosure Inconsistencies With Massive Snowflake Data Breach

Jul 2, 2024 By Kovrr In Kovrr
‍After unearthing evidence as early as May 2024, cloud computing–company Snowflake released an official statement on June 2, reporting that they were investigating a series of targeted cyber events. A week later, Google's Mandiant, who, alongside Crowdstrike, is aiding Snowflake in this investigation, concluded that clients had been attacked after malicious actors had gotten access to compromised credentials.
Read Post

Secrets in Plain Sight: Unveiling over 1 million secrets on public websites

Jul 2, 2024 By GitGuardian In GitGuardian
Join us at CodeSecDays for an insightful session with Cybernews researcher Vincentas Baubonis, who will reveal how their team discovered 1,141,004 secrets across 58,364 websites. Learn how exposed environment (.env) files containing passwords, API keys, and email credentials can lead to data breaches and site takeovers. We’ll discuss common leaked secrets like database credentials and AWS keys, and their impact, and share research methodology, ethical considerations, and steps to prevent exposure.
View Video
Arctic Wolf

TeamViewer Detects Compromise

Jul 2, 2024 By Andres Ramos In Arctic Wolf
On June 26, 2024, TeamViewer published a statement disclosing they detected an irregularity in TeamViewer’s internal corporate IT environment. TeamViewer is an organization that provides remote access software for devices and is extensively utilized by businesses and individuals globally. Upon detecting the incident on June 26th, TeamViewer immediately activated their response team and procedures and started investigations while implementing necessary remediation measures.
Read Post
WatchGuard

Ticketmaster Incident: How to protect your company's Cloud

Jul 1, 2024 By Kirk Jensen In WatchGuard
Cloud systems were created to maintain information on a comprehensive, accessible, and flexible platform. Although this system is still preferred by many companies, especially multinationals, to facilitate access to information between different teams within organizations, irresponsible use of the Cloud can create serious problems for corporate cybersecurity. Ticketmaster is a recent case in point.
Read Post
knowbe4

TeamViewer Corporate Network Breached in Alleged APT Attack

Jun 28, 2024 By Stu Sjouwerman In KnowBe4
In a concerning development, TeamViewer, one of the world's leading remote access software providers, has disclosed a cyber attack that breached its corporate network environment. The incident was first detected on June 26, 2024, when TeamViewer's security team identified irregularities in their internal IT infrastructure. Responding swiftly, TeamViewer activated its incident response procedures and engaged renowned cybersecurity experts to investigate and mitigate the breach.
Read Post
Octiga

Microsoft 365 Breaches - As preventable as they are common

Jun 27, 2024 By Octiga In Octiga
It seems like every other day there is a public announcement of a compromise involving unauthorised access to Microsoft 365. Privately, my security consultancy team are called in more often than we would like to deconstruct a compromise and determine if a notifiable data breach has occurred.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.