ransomware
Chip firm Marvell in "third-party" data breach as LockBit resurfaces
ransomware
Criminals offer no proof of Federal Reserve breach claim
Snowflake
“At least 79.7% of the accounts leveraged by the threat actor in this campaign had prior credential exposure”
Snowflake
"This appears to be a targeted campaign directed at users with single-factor authentication"
Snowflake
"The user must be left in the disabled state for 6 hours to fully invalidate any possible unauthorized access via this ID token feature."
Zscaler
"No impact or compromise to our customer, production and corporate environments" -- but were credentials stolen?
Cybersecurity
"We did not detect… lateral movement into our VMware infrastructure. At the time we believed we took all the necessary actions to mitigate the vulnerability, but these actions were clearly insufficient."
Cybersecurity
"They have direct access to JDBC connections, to SSH, and to SaaS platforms... This is a worst case scenario"
Cloud
It takes a special kind of stupid to export a LastPass vault and dump it into a public bucket along with a bunch of AWS keys. How do these people win critical government contracts again, please?
SolarWinds
"SolarWinds’ poor controls... false and misleading statements and omissions, and the other misconduct... would have violated the federal securities laws even if SolarWinds had not experienced a major, targeted cybersecurity attack"
data breaches
Concern at IAM vendor Okta's response mounts as BeyondTrust details concerns, Cloudflare calls for customers to press harder on "further information regarding potential impact to your organization"
Okta
The attackers used a "stolen credential to access Okta's support case management system"
Cybersecurity
Details of security perimeters for highly sensitive national security sites published for anyone to read