Security news aggregator

Latest coverage for Compromise

Stay updated on the latest compromise incidents in infosec. Discover how breaches occur and learn strategies to protect your data and networks.

3 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Compromise in information security means unauthorized access or control over a system, network, or data, often resulting from exploiting vulnerabilities like software bugs, weak credentials, or misconfigurations. It indicates that an attacker has bypassed security measures to read, modify, or disrupt resources without permission.

Such compromises pose risks including data theft, unauthorized system manipulation, and persistent attacker presence. Detecting and containing compromises requires monitoring for unusual activity, applying timely patches, and enforcing strong access controls to limit attacker movement and reduce the impact of exploited weaknesses.

Showing 3 most recent headlines Filtered view
Bank Info Security 1 year, 8 months ago

Critical OPA Vulnerability Exposes Windows Credentials

Attackers Could Exploit Flaw to Relay Credentials, Compromise SystemsA critical vulnerability in Open Policy Agent could expose NTLM credentials from Windows systems, potentially affecting millions of users. Researchers at Tenable warn that attackers could exploit the flaw through social engineering. Users must update to version v0.68.0 immediately to mitigate risks.

Bank Info Security 1 year, 8 months ago

Check Point, Mimecast Settle SEC Case From SolarWinds Hack

SEC: Check Point, Mimecast Disclosures Didn't Capture Severity of SolarWinds HackCheck Point and Mimecast will each pay regulators nearly $1 million to settle charges of making materially misleading disclosures related to the SolarWinds Orion hack. The SEC alleged public disclosures from Check Point and Mimecast didn't capture the severity of the compromise.

Bank Info Security 1 year, 8 months ago

Insiders Confuse Microsoft 365 Copilot Responses

Attack Method Exploits RAG-based Tech to Manipulate AI System's OutputResearchers found an easy way to manipulate the responses of an artificial intelligence system that makes up the backend of tools such as Microsoft 365 Copilot, potentially compromising confidential information and exacerbating misinformation. Researchers called the attack "ConfusedPilot."