Security Breach Archives - Cyber Security Minute

American Bar Association (ABA) suffered a data breach,1.4 million members impacted

Issued by: Security Affairs

The American Bar Association (ABA) is a voluntary bar association of lawyers and law students; it is not specific to any jurisdiction in the United States. The ABA has 166,000 members as of 2022. The attackers may have gained access to the members’ credentials for a legacy member system that was decommissioned in 2018. The…

Application Security

LastPass: hackers breached the computer of a DevOps engineer in a second attack

Issued by: Security Affairs

Password management software firm LastPass disclosed a “second attack,” a threat actor used data stolen from the August security breach and combined it with information available from a third-party data breach. Then the attackers exploited a flaw in a third-party media software package to target the firm. “Our investigation has revealed that the threat actor…

News

Lockbit ransomware gang hit the Portuguese municipal water utility Aguas do Porto

Issued by: Security Affairs

The LockBit ransomware gang claims to have hacked Aguas do Porto, a Portuguese municipal water utility company, and is threatening to leak the stolen data. Aguas do Porto is a municipal water utility company that manages the full water cycle including water supply, and wastewater drainage. The company also manages public lighting and photovoltaic parks….

Malware & Threats

City of Oakland issued a local state of emergency after recent ransomware attack

Issued by: Security Affairs

The City of Oakland disclosed last week a ransomware attack, the security breach began on February 8, 2023. In an abundance of caution, the City of Oakland has taken impacted systems offline, while they work to secure the impacted infrastructure. The Information Technology Department notified local authorities and launched an investigation into the incident to…

Application Security

LastPass revealed that encrypted password vaults were stolen

Issued by: Security Affairs

In August password management software firm LastPass disclosed a security breach, threat actors had access to portions of the company development environment through a single compromised developer account and stole portions of source code and some proprietary technical information. In response to the incident, the company deployed containment and mitigation measures and implemented additional enhanced…

Application Security, Software Security

Major Security Breach From Business Users’ Low-Code Apps Could Come in 2023, Analysts Warn

Issued by: Dark Reading

In a recent report, Forrester analysts warned of a looming major security breach at a large enterprise in 2023 rooted in business users using low-code/no-code (LCNC). The first part of this prediction is, unfortunately, a shared industry assumption: It would be surprising if we had an entire year without major headline security breaches. But the…

Malware & Threats

Optus data breach “attacker” says sorry, it was a mistake

Issued by: Malwarebytes

Since Australian telecoms company Optus disclosed a security breach on September 22, 2022, a lot has been happening. Much of it reads like a movie script. Prologue A hacker acting under the pseudonym “optusdata” claims to have stolen the data of 10 million Optus customers. The information included home addresses, drivers’ licenses, Medicare numbers, and…

Malware & Threats

New Google+ Breach Will Lead to Early Service Shutdown

Issued by: Dark Reading

As vulnerabilities go, it was the best sort: found by internal testing before it led to a security breach. Nevertheless, the latest Google+ software vulnerability was enough to push forward shutting down the service: Google now says it will be shuttered by April 2019 rather than the originally planned August 2019. According to Google, the…

Malware & Threats

Hackers Target U.K. Shipping Giant Clarkson

Issued by: Security Week

Clarkson, one of the world’s largest providers of shipping services, informed the public on Tuesday that it has suffered a security breach and the hackers may release some data taken from its systems. Clarkson provided only few details citing the ongoing law enforcement investigation, but the information it made public suggests that it was targeted…

Vulnerabilities

What to do in case of a global security breach

Issued by: Kaspersky Blog

The bitter truth is, everyone in the world is vulnerable to cybercriminals. Even the biggest companies, ones that hold tons of user data, are no exception. On the contrary, they are a likely target. How vulnerable we actually are Have you ever thought about how many global security breaches took place in the past few…