data breaches - The Stack

Chip firm Marvell in "third-party" data breach as LockBit resurfaces

Criminals offer no proof of Federal Reserve breach claim

The Stack June 25, 2024

Snowflake

cybersecurity

News

Mandiant confirms 165 Snowflake breach victims – sees custom .NET and Java reconnaissance tool

“At least 79.7% of the accounts leveraged by the threat actor in this campaign had prior credential exposure

The Stack June 10, 2024

Snowflake

cybersecurity

News

Snowflake: CrowdStrike and Mandiant say we're clean

"This appears to be a targeted campaign directed at users with single-factor authentication"

Edward Targett June 03, 2024

Snowflake

Cybersecurity

News

Snowflake warns over “rapeflake” data breaches

"The user must be left in the disabled state for 6 hours to fully invalidate any possible unauthorized access via this ID token feature."

The Stack June 01, 2024

Zscaler

Cybersecurity

News

Zscaler breach: Says single test server exposed, downplays risk

"No impact or compromise to our customer, production and corporate environments" -- but were credentials stolen?

Edward Targett May 09, 2024

MITRE attack strikes a NERVE after Ivanti to VMware pivot

"We did not detect… lateral movement into our VMware infrastructure. At the time we believed we took all the necessary actions to mitigate the vulnerability, but these actions were clearly insufficient.”

The Stack April 21, 2024

Sisense breach: CISO posts guidance amid frantic community action

"They have direct access to JDBC connections, to SSH, and to SaaS platforms... This is a worst case scenario"

Edward Targett April 12, 2024

Scoop: Fujitsu spilled private client data, passwords into the open unnoticed for a year

Cloud

cybersecurity

News

Scoop: Fujitsu spilled private client data, passwords into the open unnoticed for a year

It takes a special kind of stupid to export a LastPass vault and dump it into a public bucket along with a bunch of AWS keys. How do these people win critical government contracts again, please?

Edward Targett March 21, 2024

Chip firm Marvell in "third-party" data breach as LockBit resurfaces

Mandiant confirms 165 Snowflake breach victims – sees custom .NET and Java reconnaissance tool

Snowflake: CrowdStrike and Mandiant say we're clean

Snowflake warns over “rapeflake” data breaches

Zscaler breach: Says single test server exposed, downplays risk

MITRE attack strikes a NERVE after Ivanti to VMware pivot

Sisense breach: CISO posts guidance amid frantic community action

Scoop: Fujitsu spilled private client data, passwords into the open unnoticed for a year