
Data Breaches

What is a data breach?

Data breaches can take many forms, from an unintentional release of information by an unaware employee, to a cyber criminal using stolen login credentials to access sensitive data, to a ransomware attack that encrypts a company's confidential information. The types of data that can be involved also vary: personal health information, such as medical records; personally identifiable information, such as driver's license numbers; financial information, such as credit card numbers; and trade secrets and intellectual property, such as product designs.

A fatal retweet: How the newest attack on Twitter can teach us a lesson on cybersecurity

In what may be the largest Twitter data breach attack to date, the personal data of over 400 million users was stolen from the social media giant’s grasp and put up for sale on the dark net on the day after Christmas. This attack couldn’t have happened at a worse time for the company, as the Irish Data Protection Commission (DPC) has announced an investigation into an earlier Twitter data leak in November 2022 that had affected over 5.4 million users.

CircleCI Breach: How to Rotate All Stored Secrets ASAP

Yesterday, CircleCI, a Continuous Integration/Continuous Delivery (CI/CD) service, notified the world it had been breached via a critical advisory from its CTO. As a major software delivery pipeline service, CircleCI users store myriad credentials for various services in CircleCI’s “Secrets Store” infrastructure.

Latest LastPass security breach highlights developers as a high-value target

Last August, the maintainers of the LastPass cloud-based password manager tool reported a security breach in their servers. The disclosure maintained that an unauthorized party gained access to the LastPass development environment through a single compromised developer account. However, while source code and technical information were stolen, no user data was compromised and no services were interrupted. This specific statement about user data was reiterated many times.

What To Do If You Find Your Email on the Dark Web

There are currently over 24 billion exposed credentials circulating on the dark web, according to a 2022 report by Photon Research Team. In fact, the markets selling compromised credentials are even offering cybercriminals subscription services for purchasing these usernames and passwords. No wonder there has been a 65% increase in exposed credentials on the dark web since the last time this report was conducted in 2020.

LastPass Data Breach

On Thursday, December 22, 2022, LastPass updated their security incident notice to include additional details around the data breach they began investigating in November 2022. According to their notice, the threat actor used information obtained in an earlier, August 2022, data breach to target an employee and obtain credentials and keys used to decrypt storage volumes within their cloud-based storage service.