A Nokia security breach has leaked source code from a third-party software development partner, exposing the company’s sensitive data, including keys and hardcoded credentials.
Indian cryptocurrency exchange platform WazirX has suffered a security breach that allowed the suspected North Korean Lazarus group to steal $230 million worth of crypto assets.
A statement from TeamViewer indicated that the security breach was detected on June 26, and an employee account was apparently compromised as the APT group's source of access. There is not yet any mention of loss of data.
A security breach has affected all users of the eSignature platform Dropbox Sign (formerly HelloSign), including those who received or signed a document without an account.
A password compromise affecting business intelligence and analytics firm Sisense has triggered a CISA alert urging customers to reset their account login credentials and secrets.
The CSRB found that the security breach was preventable, and that a "a corporate culture that deprioritized enterprise security investments and rigorous risk management" ended up leaving open doors for the Chinese hackers.
CISA: Admin Credentials of a Former Employee Leveraged to Compromise a State Government Organization
The Cybersecurity and Infrastructure Security Agency (CISA) and Multi-State Information Sharing and Analysis Center (MS-ISAC) discovered that a threat actor compromised a state government organization using a former employee’s leaked admin credentials.
America's second largest insurance company Prudential Financial has disclosed a security breach by a cybercrime gang that leaked administrative, employee, and contractors’ data.
The HPE security breach is not known to be related to the recent announcement from Microsoft that Russian hackers had penetrated the inboxes of its senior leadership. It instead appears to have a connection to a May 2023 attack that the company had previously disclosed.
Microsoft has named "Midnight Blizzard," an established team of Russian state sponsored hackers also referred to as NOBELIUM and Cozy Bear, as the culprit behind a recent security breach that compromised high-level corporate email accounts.