Dropbox says that the security breach did not involve the contents of any customer accounts. The attackers were instead focused on company GitHub repositories, raiding 130 of them for code and tools.
Recent security breach at password manager LastPass does not appear to be an immediate threat to the encrypted vaults that customers use to store their passwords, but the hackers may have made off with source code and proprietary information.
Cloud infrastructure provider Digital Ocean severed ties with the marketing automation provider Mailchimp after a security breach exposed its customer email addresses.
The shift to cloud-based collaboration platforms, the amount of sensitive data that is now stored and communicated on those platforms, and the level of trust that people put into communication on those platforms have an inevitable conclusion: we are going to see more attacks on those platforms.
Online trust and identity management giant Entrust suffered a security breach by a notorious ransomware gang that exfiltrated files from the company’s internal network.
Digital transformation, hybrid work, third-party partnerships, and other factors have weakened security controls. It’s now more likely than not that the adversary is already hiding within the network, and equally as likely that they got in with stolen, now compromised, credentials.
The primary concern with Twitter’s zero-day security breach is that authoritarian governments might tie names to the anonymous accounts of activists, political opposition and journalists they are targeting.
Okta has about 15,000 clients and provides authentication services for remote logins, usually for employees and students. A known security breach took place in January, but LAPSUS$ says this is something else.
Volvo disclosed a security breach that resulted in a R&D data theft by Snatch cyber threat actors. The company added that customers’ car safety and private information were not affected.
Nation-state hackers with suspected links to Russia were behind the security breach at FireEye. The attackers stole Red Team tools and searched for government customer information.