February 2, 2024
Cloudflare disclosed that a nation-state actor stole Cloudflare credentials and an access token from a recent Okta compromise to gain unauthorized access to its Atlassian server in November 2023. Attackers accessed some documentation and a limited amount of source code before being stopped. Learn how attackers exploited Okta as an attack vector.
January 26, 2024
A Mercedes employee’s authentication token found in a public Github repository had the potential to grant unauthorized access to Mercedes’ GitHub Enterprise server. This exposed private source code repositories containing intellectual property, Microsoft Azure and AWS keys, and a Postgres database. Mercedes has since removed the API token and public repository. Learn more about this inadvertent source code exposure.
January 25, 2024
A nation-state backed hacking group compromised Microsoft’s corporate networks, targeting other organizations like HPE in a malicious campaign. Password spraying attacks were used to exploit a non-MFA-enabled test OAuth application account with elevated privileges, enabling lateral spread across corporate Office 365 environments. See how hackers exploited this over privileged legacy account as an attack vector.
January 24, 2024
26 billion records, stemming from previous leaks and breaches, were exposed online, revealing user data from LinkedIn, X, and other platforms, including sensitive information from government organizations in the U.S., Brazil, Germany, and more. Attackers could use this data for cyberattacks, phishing schemes, and other attack mechanisms. Learn more about this major data leak impacting several organizations.