Scope of Salesforce Attacks Expands as Icarus Leaks Data
More victims have emerged after attackers breached application vendor Klue and used its OAuth tokens to steal customers' Salesforce data.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
More victims have emerged after attackers breached application vendor Klue and used its OAuth tokens to steal customers' Salesforce data.
The "incident" led to outages affecting a variety of the tech company's operations, though the full scope of the breach is unknown.
Though Adidas said that no payment or financial information was affected in the breach, individuals who contacted the compamy's customer service help desk were impacted.
The same easily exploitable vulnerability was found in three of the apps that led to the compromise of victims' data.
The ransomware-as-a-service (RaaS) cybercrime group intends to leak the stolen information in just two days, it claims; but oddly, it doesn't seek a ransom payment from its victim.
The ransomware group provides everything an affiliate could want to breach and attack victims, including a quality controlled recruitment system to engage even more criminals.
In the latest attack against ISPs, second-largest French provider Free fell victim to unknown cyberattackers who attempted to sell the compromised data it stole from the company on an underground cybercrime forum.
Though the company reports that data was exfiltrated in the breach, it has been remained tightlipped regarding the kind of data that was exposed.
In a panel at Black Hat 2024, journalists and investigators explain their differing goals when a victim organization is breached.
Though the number of victims has risen, the actual number of breaches has gone down, as fewer, bigger breaches affect more individuals.
The breach affects older customer information involved in purchases made from June 6, 2017, up until July 30, 2018.
A ransomware attack has become a supply chain issue, thanks to the victim's partnerships with other financial services companies.
The company seemingly underestimated the severity of the breach after originally providing a head count of roughly 36,000 impacted individuals.
The company reports that customers based in Chile, Spain, and Uruguay were the primary victims of the breach, alongside some former employees of the global bank.
Viamedis and Almerys, two payment processors widely used by French health insurers, were victims of cyberattackers who struck five days apart.
The cyberattackers, believed to be state sponsored, didn't get far into Cloudflare's global network, but not for lack of trying.
Russian state-sponsored threat actor Nobelium used a basic password-spray attack to breach Microsoft corporate email accounts, including for execs.
The state said 1.3 million individuals have been affected by this breach, which includes Social Security numbers and taxpayer information.
Okta's IAM platform finds itself in cyberattackers' sights once again, as threat actors mount a supply chain attack targeting Okta customer support engagements.
This time, it's the law firm that got breached, then sued for what victims claim was inadequate protection and compensation for theft of personal data.