The shift to cloud-based collaboration platforms, the amount of sensitive data that is now stored and communicated on those platforms, and the level of trust that people put into communication on those platforms have an inevitable conclusion: we are going to see more attacks on those platforms.
Another Security Breach at Mailchimp; Customer Support Tools Again Hijacked to Phish Clients, in Third Such Incident in a Year
The Mailchimp security breach appears to have lasted for less than a full day. The company says that client login information was not compromised, but customer support tools were used to send phishing emails.
Amnesty International Canada experienced a security breach on October 5 with the ultimate conclusion being that state-sponsored Chinese hackers penetrated the system for espionage purposes.
Dropbox says that the security breach did not involve the contents of any customer accounts. The attackers were instead focused on company GitHub repositories, raiding 130 of them for code and tools.
FireEye Security Breach Blamed on Nation-State Hackers From a Country With “Top-Tier Offensive Capabilities”
Nation-state hackers with suspected links to Russia were behind the security breach at FireEye. The attackers stole Red Team tools and searched for government customer information.
Hackers stole and published the login credentials of major tech and Fortune 500 companies, accessed CCTV cameras, and probed portals after breaching two large data centers in Asia.
Hackers Demand $17 Million in Compal’s Security Breach Despite the Company’s Denial of the Ransomware Attack
Hackers demanded $17 million in Compal's security breach despite its denial of the ransomware attack. Compal also claimed that its production lines were not affected.
Hacking Group Claims It Compromised Authentication Services Provider Okta; Causing Widespread Concern Over Security Breach
Okta has about 15,000 clients and provides authentication services for remote logins, usually for employees and students. A known security breach took place in January, but LAPSUS$ says this is something else.
Online trust and identity management giant Entrust suffered a security breach by a notorious ransomware gang that exfiltrated files from the company’s internal network.
Cloud infrastructure provider Digital Ocean severed ties with the marketing automation provider Mailchimp after a security breach exposed its customer email addresses.