Data leak - Security Ticks

‘Phantom’ Source Code Secrets Haunt Major Organizations

Application Security, Data leak, source code / SecurityTicks

‘Phantom’ Source Code Secrets Haunt Major Organizations 2024-06-27 at 13:01 By Ionut Arghire Aqua Security shows that code in repositories remains accessible even after being deleted or overwritten, continuing to leak secrets. The post ‘Phantom’ Source Code Secrets Haunt Major Organizations appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View […]

React to this headline:

‘Phantom’ Source Code Secrets Haunt Major Organizations Read More »

Gitleaks: Open-source solution for detecting secrets in your code

Data leak, Don't miss, GitHub, Hot stuff, News, open source, software / SecurityTicks

Gitleaks: Open-source solution for detecting secrets in your code 2024-06-27 at 07:37 By Mirko Zorz Gitleaks is an open-source SAST tool designed to detect and prevent hardcoded secrets such as passwords, API keys, and tokens in Git repositories. With more than 15 million Docker downloads, 16,200 GitHub stars, 7 million GitHub downloads, thousands of weekly

React to this headline:

Gitleaks: Open-source solution for detecting secrets in your code Read More »

BlackBerry Cylance Data Offered for Sale on Dark Web

BlackBerry, cybercrime, Cylance, Data leak, Snowflake / SecurityTicks

BlackBerry Cylance Data Offered for Sale on Dark Web 2024-06-11 at 16:01 By Eduard Kovacs BlackBerry says the Cylance data offered for sale for $750,000 is old and its own systems have not been compromised. The post BlackBerry Cylance Data Offered for Sale on Dark Web appeared first on SecurityWeek. This article is an excerpt

React to this headline:

BlackBerry Cylance Data Offered for Sale on Dark Web Read More »

New York Times Responds to Source Code Leak

data breach, Data Breaches, Data leak, source code / SecurityTicks

New York Times Responds to Source Code Leak 2024-06-10 at 16:31 By Eduard Kovacs The New York Times has issued a statement after someone leaked source code allegedly belonging to the news giant. The post New York Times Responds to Source Code Leak appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

New York Times Responds to Source Code Leak Read More »

361 million account credentials leaked on Telegram: Are yours among them?

account hijacking, consumer, credentials, Data leak, data theft, Don't miss, enterprise, HIBP, Hot stuff, Malware, News, passwords, Telegram, tips / SecurityTicks

361 million account credentials leaked on Telegram: Are yours among them? 2024-06-04 at 15:03 By Zeljka Zorz A new trove of 361 million email addresses has been added to Have I Been Pwned? (HIBP), the free online service through which users can check whether their account credentials and other data has been compromised in one

React to this headline:

361 million account credentials leaked on Telegram: Are yours among them? Read More »

Dell Says Customer Names, Addresses Stolen in Database Breach

Data Breaches, Data leak, Dell, Incident Response, Ransomware / SecurityTicks

Dell Says Customer Names, Addresses Stolen in Database Breach 2024-05-09 at 20:16 By SecurityWeek News Tech giant notifies millions of customers that full names and physical mailing addresses were stolen during a security incident. The post Dell Says Customer Names, Addresses Stolen in Database Breach appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Dell Says Customer Names, Addresses Stolen in Database Breach Read More »

BlackBasta claims Synlab attack, leaks some stolen documents

Data leak, Don't miss, Europe, Hot stuff, News, Ransomware / SecurityTicks

BlackBasta claims Synlab attack, leaks some stolen documents 2024-05-06 at 14:16 By Zeljka Zorz The BlackBasta ransomware / cyber extortion gang is behind the recent cyber attack that resulted in the temporary shutdown of operations at Synlab Italia. The group claimed the attack on their leak site on Saturday and says they have exfiltrated approximately

React to this headline:

BlackBasta claims Synlab attack, leaks some stolen documents Read More »

Understanding next-level cyber threats

cybercrime, cybersecurity, data breach, Data leak, Don't miss, Email, Hot stuff, identity, passwords, SpyCloud, Video / SecurityTicks

Understanding next-level cyber threats 2024-04-17 at 06:31 By Help Net Security In this Help Net Security video, Trevor Hilligoss, VP of SpyCloud Labs, discusses the 2024 SpyCloud Identity Exposure Report, an annual report examining the latest trends in cybercrime and its impact. Researchers recaptured nearly 1.38 billion passwords circulating the darknet in 2023, an 81.5%

React to this headline:

Understanding next-level cyber threats Read More »

Acuity Responds to US Government Data Theft Claims, Says Hackers Obtained Old Info

Data Breaches, Data leak, Featured, Government / SecurityTicks

Acuity Responds to US Government Data Theft Claims, Says Hackers Obtained Old Info 2024-04-05 at 14:16 By Eduard Kovacs Acuity, the tech firm from which hackers claimed to have stolen State Department and other government data, confirms hack, but says stolen info is old. The post Acuity Responds to US Government Data Theft Claims, Says

React to this headline:

Acuity Responds to US Government Data Theft Claims, Says Hackers Obtained Old Info Read More »

AT&T data leaked: 73 million customers affected

AT&T, Data leak, Don't miss, Hot stuff, News, USA / SecurityTicks

AT&T data leaked: 73 million customers affected 2024-04-02 at 15:31 By Zeljka Zorz AT&T has confirmed that the data set leaked on the dark web some two weeks ago does, indeed, contain “AT&T data-specific fields”. The company is reaching out to affected customers and offering credit monitoring services. What type of data has been leaked?

React to this headline:

AT&T data leaked: 73 million customers affected Read More »

NHS Scotland confirms ransomware attackers leaked patients’ data

Data leak, Don't miss, extortion, healthcare, Hot stuff, News, Ransomware, UK / SecurityTicks

NHS Scotland confirms ransomware attackers leaked patients’ data 2024-03-28 at 14:31 By Zeljka Zorz NHS Dumfries and Galloway (part of NHS Scotland) has confirmed that a “recognised ransomware group” was able to “access a significant amount of data including patient and staff-identifiable information,” and has published “clinical data relating to a small number of patients.”

React to this headline:

NHS Scotland confirms ransomware attackers leaked patients’ data Read More »

Misconfigured Firebase Instances Expose 125 Million User Records

Data Breaches, Data leak, Firebase / SecurityTicks

Misconfigured Firebase Instances Expose 125 Million User Records 2024-03-19 at 12:23 By Ionut Arghire A weakness in a Firebase implementation allowed researchers to gain access to names, phone numbers, email addresses, plaintext passwords, confidential messages, and more. The post Misconfigured Firebase Instances Expose 125 Million User Records appeared first on SecurityWeek. This article is an

React to this headline:

Misconfigured Firebase Instances Expose 125 Million User Records Read More »

90% of exposed secrets on GitHub remain active for at least five days

cybersecurity, Data leak, GitGuardian, GitHub, News, report, survey / SecurityTicks

90% of exposed secrets on GitHub remain active for at least five days 2024-03-15 at 07:30 By Help Net Security 12.8 million new secrets occurrences were leaked publicly on GitHub in 2023, +28% compared to 2022, according to GitGuardian. Remarkably, the incidence of publicly exposed secrets has quadrupled since the company started reporting in 2021.

React to this headline:

90% of exposed secrets on GitHub remain active for at least five days Read More »

GitHub push protection now on by default for public repositories

Data leak, Don't miss, GitHub, Hot stuff, News, open source / SecurityTicks

GitHub push protection now on by default for public repositories 2024-03-04 at 16:15 By Zeljka Zorz GitHub push protection – a security feature aimed at preventing secrets such as API keys or tokens getting accidentally leaked online – is being switched on by default for all public repositories. “This means that when a supported secret

React to this headline:

GitHub push protection now on by default for public repositories Read More »

Cybercriminals harness AI for new era of malware development

APT, Artificial Intelligence, cybercriminals, cybersecurity, dark web, Data leak, Group-IB, Malware, News, Ransomware, report, social engineering / SecurityTicks

Cybercriminals harness AI for new era of malware development 2024-03-01 at 08:31 By Help Net Security The alliance between ransomware groups and initial access brokers (IABs) is still the powerful engine for cybercriminal industry, as evidenced by the 74% year-on-year increase in the number of companies that had their data uploaded on dedicated leak sites

React to this headline:

Cybercriminals harness AI for new era of malware development Read More »

ExpressVPN User Data Exposed Due to Bug

Data leak, VPN, Vulnerabilities / SecurityTicks

ExpressVPN User Data Exposed Due to Bug 2024-02-12 at 16:16 By Ionut Arghire ExpressVPN disables split tunneling on Windows after learning that DNS requests were not properly directed. The post ExpressVPN User Data Exposed Due to Bug appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

ExpressVPN User Data Exposed Due to Bug Read More »

Researchers discover exposed API secrets, impacting major tech tokens

API security, AWS, cybersecurity, Data leak, Escape, GitHub, News, Slack, Stripe / SecurityTicks

Researchers discover exposed API secrets, impacting major tech tokens 2024-02-05 at 07:33 By Help Net Security Escape’s security research team scanned 189.5 million URLs and found more than 18,000 exposed API secrets. 41% of exposed secrets were highly critical, i.e. could lead to financial risks for the organizations. Exposed API secrets The exposed secrets include

React to this headline:

Researchers discover exposed API secrets, impacting major tech tokens Read More »

Ex-CIA Computer Engineer Gets 40 Years in Prison for Giving Spy Agency Hacking Secrets to WikiLeaks

Data leak, Government, sentenced / SecurityTicks

Ex-CIA Computer Engineer Gets 40 Years in Prison for Giving Spy Agency Hacking Secrets to WikiLeaks 2024-02-02 at 12:47 By Associated Press Former CIA software engineer sentenced to 40 years in prison for biggest theft of classified information in CIA history and for possession of child sexual abuse images and videos. The post Ex-CIA Computer

React to this headline:

Ex-CIA Computer Engineer Gets 40 Years in Prison for Giving Spy Agency Hacking Secrets to WikiLeaks Read More »

Leaked GitHub Token Exposed Mercedes Source Code

Data Breaches, Data leak, source code / SecurityTicks

Leaked GitHub Token Exposed Mercedes Source Code 2024-01-31 at 15:47 By Ionut Arghire A leaked token provided unrestricted access to the entire source code on Mercedes-Benz’s GitHub Enterprise server. The post Leaked GitHub Token Exposed Mercedes Source Code appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Leaked GitHub Token Exposed Mercedes Source Code Read More »

Data of 15 million Trello users scraped and offered for sale

data breach, Data leak, Don't miss, Hot stuff, News, Trello, web application / SecurityTicks

Data of 15 million Trello users scraped and offered for sale 2024-01-23 at 13:16 By Zeljka Zorz Someone is selling scraped data of millions of users of Trello, a popular a web-based list-making application and project management platform, on a dark web hacker forum. The database dump “contains emails, usernames, full names and other account

React to this headline:

Data of 15 million Trello users scraped and offered for sale Read More »