-
Waydev
July 26, 2020
Hackers use a blind SQL injection vulnerability to gain access to Waydev's database, from where they stole GitHub and GitLab OAuth tokens from other companies.
-
Flood
July 26, 2020
•
[ hack, misconfiguration, technology ]
Software testing service Flood.io suffers a breach blamed on OAuth tokens stolen by the attackers from Waydev.
-
Beaumont Health
July 25, 2020
•
[ social, phishing, healthcare ]
Beaumont Health, Michigan's largest healthcare provider warns around 6,000 patients that their data may have been exposed following a phishing attack that occurred between January 3, 2020, and January 29, 2020.
-
Carlson Wagonlit Travel (CWT)
July 25, 2020
US corporate travel management firm Carlson Wagonlit Travel (CWT) suffers an intrusion and it is believed to have paid a $4.5m ransom to get its data back.
-
Aberystwyth University
July 24, 2020
•
[ hack, education ]
The Aberystwyth University is an additional university affected by the Blackbaud hack.
-
Emotet botnet
July 24, 2020
•
[ hack, malware, technology ]
Someone is taking fun at the Emotet botnet and disrupting its operations by hacking into the malware's distribution sites and replacing malicious payloads with memes and GIFs.
-
CouchSurfing
July 23, 2020
•
[ hack, technology ]
CouchSurfing, an online service that lets users find free lodgings, investigates a security breach after hackers began selling the details of 17 million users on Telegram channels and hacking forums.
-
Instacart
July 23, 2020
•
[ leak, brute-force, retail ]
Online shopping service Instacart says reused passwords are to blame for a recent spate of account breaches, which saw personal data belonging to hundreds of thousands of Instacart customers stolen and put up for sale on the dark web.
-
Administrador de Infraestructuras Ferroviarias (ADIF)
July 23, 2020
•
[ ransomware, malware, government ]
Administrador de Infraestructuras Ferroviarias (ADIF), a Spanish state-owned railway infrastructure manager is hit by REvil ransomware operators.
-
Garmin
July 23, 2020
Garmin is hit by a WastedLocker ransomware attack.
-
Sylva, NC
July 23, 2020
•
[ social, misconfiguration, government ]
A town board meeting in Sylva, NC was Zoom-bombed with unknown participants shouting racist remarks.
-
A telecom company in the Middle East
July 22, 2020
•
[ espionage, malware, technology ]
Researchers from Palo Alto Networks discover a series of cyberattacks on a telecom company in the Middle East signaling the return of the OilRig APT. The attacks also revealed a revised backdoor tool in the group's arsenal, called RDAT.
-
SUNY Erie Community College
July 22, 2020
•
[ hack, malware, education ]
About 50 computers at SUNY Erie Community College are disabled by a malware attack.
-
Twilio
July 22, 2020
Twilio discloses that its TaskRouter JS SDK was compromised by attackers after they gained access to one of its misconfigured Amazon AWS S3 buckets which left the SDK's path publicly readable and writable for roughly five years, since 2015.
-
Amphastar Pharmaceuticals
July 21, 2020
•
[ ransomware, malware, healthcare ]
The DoppelPaymer ransomware threat actors posted data Amphastar Pharmaceuticals data that had been stolen in a May attack.
-
MyHeritage
July 21, 2020
MyHeritage, a genealogy website based in Israel, announces that some of its users had been subjected to a phishing attack to obtain their log-in details for the site, apparently targeting email addresses obtained in the attack on GEDmatch just two days before.
-
DeepSource
July 21, 2020
•
[ social, phishing, technology ]
DeepSource resets the user logins after an employee falls for the Sawfish phishing campaign.
-
Pepperstone
July 21, 2020
Pepperstone sends out an email to clients, alerting them of a data security incident in which third parties are reaching out to the broker's clients and falsely claiming to be Pepperstone.
-
Coinbase
July 21, 2020
Coinbase reveals that it stopped scammers from stealing an extra $280,000 of cryptocurrency during the Twitter hack which affected dozens of high profile accounts as well Coinbase's own account.
-