breaches – Page 3 – Threat Note

From Graham Cluley – IT specialist Jack Teixeira jailed for 15 years after leaking classified military documents on Discord

Jack Teixeira, the 22-year-old former Air National Guardsman who leaked hundreds of classified documents online, has been sentenced to 15 years in prison. Teixeira, who served as an IT specialist…

Samir K November 14, 2024

Research

From Cyber Security News – Researchers Warn of AI Image Generators Potentially Leaking Sensitive Instructions

Researchers have recently uncovered a potential security flaw in advanced AI image generators, particularly in the case of Recraft, an advanced diffusion model. This discovery has raised concerns about the…

Samir K November 14, 2024

Breaches

From Dark Reading – Google AI Platform Bugs Leak Proprietary Enterprise LLMs

The tech giant fixed privilege-escalation and model-exfiltration vulnerabilities in Vertex AI that could have allowed attackers to steal or poison custom-built AI models. Read More

Samir K November 14, 2024

Breaches

From Dark Reading – Amazon Employee Data Compromised in MOVEit Breach

The data leak was not actually due to a breach in Amazon's systems but rather that of a third-party vendor; the supply chain incident affected several other clients as well. Read…

Samir K November 13, 2024

Breaches

From Cyber Security News – SelectBlinds Data Breach, 200,000+ Customers Card Details Skimmed in Cyberattack

SelectBlinds, a well-known online retailer specializing in custom blinds and shades, has confirmed a data breach that exposed the sensitive information of 206,238 customers. The breach, attributed to a sophisticated…

Samir K November 12, 2024

Breaches

From Cyber Security News – Massive MOVEit 0-day Breach: Millions of Employee Data Stolen from 25 Major Organizations

A critical vulnerability in the widely used MOVEit file transfer software has led to one of the most extensive corporate data leaks in recent history, affecting millions of employees across…

Samir K November 12, 2024

Breaches

From Cyber Security News – Weekly Cybersecurity Newsletter: Data Breaches, Vulnerabilities, Cyber Attacks, & Other Updates

Welcome to this week’s Cybersecurity Newsletter, where you’ll find the latest updates and insights from the world of cybersecurity. Stay informed and protected with our top stories. Keep up to…

Samir K November 10, 2024

Breaches

From Dark Reading – Attackers Breach IT-Based Networks Before Jumping to ICS/OT Systems

SANS recently published its 2024 State of ICS.OT Cybersecurity report, highlighting the skills of cyber professionals working in critical infrastructure, budget estimates, and emerging technologies. The report also looked at…

Samir K November 7, 2024

Breaches

From Dark Reading – Nokia: No Evidence So Far That Hackers Breached Company Data

The mobile device maker continues to investigate IntelBroker's claims of another high-profile data breach, with the cybercriminal group posting on BreachForums internal data allegedly stolen from Nokia through a third-party…

Samir K November 7, 2024

Breaches

From Cybersecurity Help – China-linked Volt Typhoon reportedly breached Singapore’s largest mobile carrier Singtel

It is believed that the Singtel breach may have served as a trial for further incursions into US telecoms networks. Read More

Samir K November 5, 2024

Breaches

From Cyber Security News – Nokia Investigating Data Breach, IntelBroker Allegedly Selling Source Code

Nokia, the multinational telecommunications company, is currently investigating claims of a significant data breach after a notorious hacker known as IntelBroker announced the sale of allegedly stolen source code and…

Samir K November 5, 2024

Breaches

From Cybersecurity Help – Hackers abuse Microsoft SharePoint bug to breach corporate networks

The attackers exploited CVE-2024-38094 to gain unauthorized access to a vulnerable SharePoint server. Read More

Samir K November 4, 2024

Breaches

From Dark Reading – EmeraldWhale’s Massive Git Breach Highlights Config Gaps

The large-scale operation took advantage of open repositories, hardcoded credentials in source code, and other cloud oversights. Read More

Samir K November 2, 2024

Breaches

From The Hacker News – Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned

Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE, is estimated to have collected over 10,000 private repositories and stored in an Amazon S3 storage bucket belonging to a prior victim. The bucket,

Samir K November 1, 2024

Breaches

From The Hacker News – 5 SaaS Misconfigurations Leading to Major Fu*%@ Ups

With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk possibilities are endless. Critical organizational assets and data are at risk from malicious actors, data breaches, and insider threats, which pose many challenges for security teams. Misconfigurations are silent killers, leading to major

Samir K November 1, 2024