T-Mobile Admits Lapsus$ Hackers Gained Access to its Internal Tools and Source Code
By: Ravie Lakshmanan
Telecom company T-Mobile on Friday confirmed that it was the victim of a security breach in March after the LAPSUS$ mercenary gang managed to gain access to...
Five Eyes Nations Warn of Russian Cyber Attacks Against Critical Infrastructure
By: Ravie Lakshmanan
The Five Eyes nations have released a joint cybersecurity advisory warning of increased malicious attacks from Russian state-sponsored actors and criminal groups targeting critical infrastructure organizations amidst...
New Incident Report Reveals How Hive Ransomware Targets Organizations
By: Ravie Lakshmanan
A recent Hive ransomware attack carried out by an affiliate involved the exploitation of "ProxyShell" vulnerabilities in the Microsoft Exchange Server that were disclosed last year to...
Okta Says Security Breach by Lapsus$ Hackers Impacted Only Two of Its Customers
By: Ravie Lakshmanan
Identity and access management provider Okta on Tuesday said it concluded its probe into the breach of a third-party vendor in late January 2022 by the LAPSUS$...
GitHub Notifies Victims Whose Private Data Was Accessed Using OAuth Tokens
By: Ravie Lakshmanan
GitHub on Monday noted that it had notified all victims of an attack campaign, which involved an unauthorized party downloading private repository contents by taking advantage of...
FBI, U.S. Treasury and CISA Warn of North Korean Hackers Targeting Blockchain Companies
By: Ravie Lakshmanan
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI) and the Treasury Department, warned of a new set of ongoing...
New Hacking Campaign Targeting Ukrainian Government with IcedID Malware
By: Ravie Lakshmanan
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new wave of social engineering campaigns delivering IcedID malware and leveraging Zimbra exploits with the...
GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens
By: Ravie Lakshmanan
Cloud-based repository hosting service GitHub on Friday revealed that it discovered evidence of an unnamed adversary capitalizing on stolen OAuth user tokens to unauthorizedly download private data...
Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector
By: Ravie Lakshmanan
The U.S. Treasury Department has implicated the North Korea-backed Lazarus Group (aka Hidden Cobra) in the theft of $540 million from video game Axie Infinity's Ronin Network...
U.S. Warns of APT Hackers Targeting ICS/SCADA Systems with Specialized Malware
By: Ravie Lakshmanan
The U.S. government on Wednesday warned of nation-state actors deploying specialized malware to maintain access to industrial control systems (ICS) and supervisory control and data acquisition (SCADA)...
