Facebook posted a security update that describes a security issue that occurred on September 25, 2018 that affected nearly 50 million accounts.
Magecart cyber criminal group has been targeting numerous eCommerce sites since 2015, to include Ticketmaster and British Airways.
British Airways provided an update to a previously disclosed data breach. The incident occurred between August 21, 2018 and September 5, 2018 on their website, ba.com and mobile app.
Reddit, a popular social news aggregation and discussion website, suffered from a security breach between June 14 and June 18 of this year. The incident was discovered on June 19 and linked to weaknesses in SMS-based two-factor authentication (2FA).
Clarkson PLC (“Clarksons”), a British shipping company, recently revealed a single and isolated user account compromise was the cause of a data breach and theft of confidential information last year.
A popular Linux distribution, Gentoo, said its source code hosted on GitHub was compromised.
Hackers have targeted Chile’s largest bank, Banco de Chile, in a multi-faceted cyber attack on systems linked to the Society for Worldwide Interbank Financial Telecommunication’s (SWIFT) inter-bank transfer network.
Account data associated with 92 million users of genealogy and DNA testing service MyHeritage were leaked and found on a third party private server.
Thousands of organizations are leaking sensitive email according to researchers from Kenna Security. The root cause is a widespread misconfiguration of Google Groups, a web forum used as part of Google’s G Suite of workspace tools.
Does your organization have any Redis servers exposed to the internet? If so, you should disconnect them from the public and ensure Redis services are exposed to only “trusted” environments such as your internal company network.