data breaches
BBC, BA suffer data breaches in wake of MOVEit attacks
The Stack is seeing exposed instances associated with scores of high profile blue chips
Cybersecurity
New LastPass breach post-mortem raises questions
Attackers targeted DevOps engineers' home devices...
Cybersecurity
CircleCI hackers grabbed customer tokens and keys, CTO admits, amid warning on SaaS secrets
Infiltrators dodged antivirus, stole encryption keys from a running process
Cybersecurity
CircleCI warns users to "immediately rotate all secrets" amid credential abuse evidence
Updated January 6, 11:00 BST: CircleCI has updated its advisory which deserves revisiting. CircleCI is calling on customers to “immediately rotate any and all secrets” after a security incident. The breach appears to have occurred around December 21 and to have gone unnoticed over the Christmas period. Credentials stolen
Cybersecurity
Infosys leak: IT firm left “god mode” AWS S3 key exposed on PyPi
"Our infrastructure has not been impacted by this incident and there is no loss of data."
Cybersecurity
Microsoft data breach "BlueBleed" exposes 2.4TB of customer data
Customers being told GDPR disclosure unnecessary
Cybersecurity
Advanced confirms attack was LockBit 3.0 ransomware, legitimate creds used
No insight into how credentials were obtained...
Cybersecurity
Here's why Intel’s UEFI source code leak is a genuine security concern
Intel late Sunday confirmed that proprietary UEFI code had been leaked in a potential serious security breach. The Intel Alder Lake source code was leaked to 4chan and Github – as first reported by Tom’s Hardware – as a 6GB file containing sensitive tools and code for building and optimising BIOS/
Cybersecurity
Major authentication provider Auth0 says code repositories were copied
Mystery around the data breach, but we can speculate...
Cybersecurity
One of world's largest gaming franchises hit in major breach, GTA 6 gameplay leaked
Over 90 videos of a development build of Grand Theft Auto 6 have been leaked after an apparent major breach at game developer Rockstar Games, with the culprit also threatening to leak GTA 6 source code. The GTA 6 leak includes footage of open-world gameplay and was confirmed as real
Cybersecurity
Uber hacker claims access to its internal AWS, SentinelOne, VMware: Is FIDO2 the answer?
Uber has confirmed that it is investigating a cybersecurity incident. After an initial breach the Uber hacker claims to have found an internal network share that contained Powershell scripts with privileged credentials that let them easily pivot to compromising Uber’s Duo (authentication), OneLogin, AWS, and GSuite environments. "One
Featured
Twilio hacked in social engineering breach
Internal systems accessed...