%term

Likely Disclosure Inconsistencies With Massive Snowflake Data Breach

Jul 2, 2024 By Kovrr In Kovrr

‍After unearthing evidence as early as May 2024, cloud computing–company Snowflake released an official statement on June 2, reporting that they were investigating a series of targeted cyber events. A week later, Google's Mandiant, who, alongside Crowdstrike, is aiding Snowflake in this investigation, concluded that clients had been attacked after malicious actors had gotten access to compromised credentials.

Read Post

Kovrr

Read more about Likely Disclosure Inconsistencies With Massive Snowflake Data Breach

Secrets in Plain Sight: Unveiling over 1 million secrets on public websites

Jul 2, 2024 By GitGuardian In GitGuardian

Join us at CodeSecDays for an insightful session with Cybernews researcher Vincentas Baubonis, who will reveal how their team discovered 1,141,004 secrets across 58,364 websites. Learn how exposed environment (.env) files containing passwords, API keys, and email credentials can lead to data breaches and site takeovers. We’ll discuss common leaked secrets like database credentials and AWS keys, and their impact, and share research methodology, ethical considerations, and steps to prevent exposure.

View Video

GitGuardian

Read more about Secrets in Plain Sight: Unveiling over 1 million secrets on public websites

TeamViewer Detects Compromise

Jul 2, 2024 By Andres Ramos In Arctic Wolf

On June 26, 2024, TeamViewer published a statement disclosing they detected an irregularity in TeamViewer’s internal corporate IT environment. TeamViewer is an organization that provides remote access software for devices and is extensively utilized by businesses and individuals globally. Upon detecting the incident on June 26th, TeamViewer immediately activated their response team and procedures and started investigations while implementing necessary remediation measures.

Read Post

Arctic Wolf

Read more about TeamViewer Detects Compromise

Ticketmaster Incident: How to protect your company's Cloud

Jul 1, 2024 By Kirk Jensen In WatchGuard

Cloud systems were created to maintain information on a comprehensive, accessible, and flexible platform. Although this system is still preferred by many companies, especially multinationals, to facilitate access to information between different teams within organizations, irresponsible use of the Cloud can create serious problems for corporate cybersecurity. Ticketmaster is a recent case in point.

Read Post

WatchGuard

Read more about Ticketmaster Incident: How to protect your company's Cloud

TeamViewer Corporate Network Breached in Alleged APT Attack

Jun 28, 2024 By Stu Sjouwerman In KnowBe4

In a concerning development, TeamViewer, one of the world's leading remote access software providers, has disclosed a cyber attack that breached its corporate network environment. The incident was first detected on June 26, 2024, when TeamViewer's security team identified irregularities in their internal IT infrastructure. Responding swiftly, TeamViewer activated its incident response procedures and engaged renowned cybersecurity experts to investigate and mitigate the breach.

Read Post

KnowBe4

Read more about TeamViewer Corporate Network Breached in Alleged APT Attack

Data Blizzard Hits LA Schools: Students data stolen in Snowflake Hack

Jun 27, 2024 By Narendra Sahoo In VISTA InfoSec

In a recent development that has raised concerns across the education sector, Los Angeles Unified School District (LAUSD) has confirmed a significant data breach involving student information. The breach, linked to a hack of the district’s Snowflake account, has exposed sensitive data pertaining to students and employees enrolled in the sprawling district. Snowflake is a cloud database platform used by companies worldwide to store their data.

Read Post

VISTA InfoSec

Read more about Data Blizzard Hits LA Schools: Students data stolen in Snowflake Hack

Snowflake Breach Attack Insights

Jun 27, 2024 By Ofir Stein In Apono

The recent attack on Snowflake accounts underscores a critical lesson for all cloud users: securely managing identities and access is paramount under the shared responsibility model. As more organizations leverage cloud services, it’s essential to understand that security is a collaborative effort between the service provider and the customer.

Read Post

Apono

Read more about Snowflake Breach Attack Insights

Microsoft 365 Breaches - As preventable as they are common

Jun 27, 2024 By Octiga In Octiga

It seems like every other day there is a public announcement of a compromise involving unauthorised access to Microsoft 365. Privately, my security consultancy team are called in more often than we would like to deconstruct a compromise and determine if a notifiable data breach has occurred.

Read Post

Octiga

Read more about Microsoft 365 Breaches - As preventable as they are common

The 5 Industries Most Vulnerable to Data Breaches in 2024

Jun 26, 2024 By Tripwire Guest Authors In Tripwire

As we pass the halfway mark of 2024, data breaches remain on the rise. Cybercriminals are finding more and more inventive ways to infiltrate organizations, exploiting vulnerabilities in networks, software, and human behavior. From phishing schemes and ransomware attacks to insider threats and supply chain compromises, the threat of cyber attacks continues. This is bad news, especially for certain industries. The consequences of these breaches extend far beyond financial losses.

Read Post