Tag

Breach

All articles tagged with #breach

security17 days ago•17 min saved

DirtyFrag Drives Linux Privilege Escapes, Ubuntu Offline, and a Wave of Security Breaches

DirtyFrag chains CopyFail and a new RPC flaw to corrupt the Linux page cache, enabling root-level code execution and potential persistence or container escapes with no patches yet; Ubuntu endured a prolonged DDoS outage that knocked update services offline; ShinyHunters breached the education software provider Infrastructure, exposing Canvas student data; other notes include Edge password vault memory exposure and DaemonTools backdoored, with continued TETRA-related activity and Oracle shifting to monthly security updates.

via Hackaday|

#backdoor #breach #linux

security1 month ago•8 min saved

Discord Sleuths Breach Anthropic’s Mythos Preview, Highlighting AI Tool Access Risks

Discord users allegedly gained unauthorized access to Anthropic’s Mythos Preview by analyzing data from a Mercor breach and guessing the model’s online location, aided by permissions tied to an Anthropic contractor; they accessed Mythos and other unreleased models and used the access to build simple websites rather than perform malicious hacks, underscoring ongoing concerns about access controls for AI development tools.

via WIRED|

#anthropic #breach #discord

technology1 month ago•3 min saved

Hackers Breach Anthropic’s Mythos Amid Restricted-Release Push

Hackers gained unauthorized access to Anthropic’s Mythos via a third-party vendor, though Anthropic says its systems were not impacted; Mythos is a restricted, enterprise-focused AI under Project Glasswing being tested by tech and financial firms, with Bloomberg noting involvement from Amazon, Apple, JPMorgan Chase and others and a Treasury meeting discussing its use.

via Euronews.com|

#ai-security #anthropic #breach

technology1 month ago•2 min saved

Vercel Breach Linked to Context AI Hack Exposes Limited Customer Credentials

Vercel disclosed a security incident linked to the Context.ai compromise that allowed an attacker to hijack an employee’s Google Workspace account and access some non-sensitive internal environments and environment variables; sensitive secrets remained encrypted, but a limited subset of customers reportedly had credential exposure, triggering immediate rotation and ongoing investigations with Mandiant and Context.ai, as the company rolls out dashboard updates and advises admins to review logs and rotate non-sensitive secrets.

via The Hacker News|

#breach #contextai #credential-rotation

technology4 months ago•42 min saved

Fresh 48 Million Gmail Credentials Surface Online Again

A new data dump has exposed 48 million Gmail usernames and passwords, underscoring ongoing risks from credential stuffing and password reuse; users should enable two-factor authentication, rotate compromised passwords, and monitor accounts for suspicious activity.

via Forbes|

#breach #gmail #passwords

sports7 months ago•1 min saved

FIA Confirms No Cost Cap Breaches in 2024 F1 Review

The FIA has completed a seven-month review of 2024 F1 cost cap compliance, finding Aston Martin as the only team with a minor procedural breach related to unsigned documentation, while other teams and engine manufacturers are cleared; Aston Martin's breach was deemed minor and did not confer any advantage.

via The Race|

#aston-martin #breach #cost-cap

sports7 months ago•2 min saved

Aston Martin and F1 Cost Cap Breaches: Latest Developments

Aston Martin admitted to a minor procedural breach related to missing signatures in their F1 cost cap submission, accepted an Accepted Breach Agreement, and faced no penalties, with the FIA expected to announce the final review results soon.

via The Race|

#aston-martin #breach #cost-cap

technology7 months ago•0 min saved

F5 Hack Sparks Urgent Cybersecurity Alerts and Stock Drop

F5, a networking software company, disclosed a long-term breach that poses an imminent threat of cyberattacks on thousands of networks, including those operated by the US government and Fortune 500 companies, potentially due to a nation-state hacking group.

via WIRED|

#breach #cybersecurity #f5

technology7 months ago•2 min saved

F5 Stock Drops 12% Amid Nation-State Cyberattack Concerns

F5, a U.S. cybersecurity firm, saw its stock drop 10% after revealing a sophisticated nation-state hacking incident attributed to China, which compromised its systems for over a year using malware called Brickstorm, prompting urgent security updates and warnings from U.S. and UK cybersecurity agencies.

via CNBC|

#breach #china #cybersecurity

technology8 months ago•1 min saved

Google Reassures Gmail Security Amidst Breach Concerns and Phishing Warnings

Google has reassured users that Gmail's security remains strong and effective, dismissing reports of a major breach. The recent security concerns stem from a limited June breach on Google's corporate servers and a subsequent increase in phishing attacks, but no private user data was compromised. Google emphasizes that the fears of a widespread Gmail hack are unfounded.

via Ars Technica|

#breach #gmail #google

technology8 months ago•3 min saved

Google Denies Major Gmail Security Breach Despite User Warnings

Google has denied reports of a massive security breach affecting 2.5 billion Gmail users, clarifying that the incident was overstated and only involved a smaller, unrelated security issue with Salesforce. The company emphasized its strong security measures and encouraged users to remain vigilant against phishing, reassuring that their Gmail accounts are secure.

via Mashable|

#breach #gmail #google

sports11 months ago•0 min saved

Manchester City fined £1m by Premier League for delayed kickoffs

The Premier League and Manchester City have agreed on a sanction after the club admitted to breaching rules related to kick-off and re-start obligations in nine matches during the 2024/25 season, ensuring the competition's professional standards and scheduling integrity.

via Premier League|

#breach #manchester-city #match-scheduling

world11 months ago•0 min saved

UN Reports Iran Violating Nuclear Commitments, Iran Plans New Enrichment Facility

The UN nuclear watchdog has reported Iran for the first time in 20 years for not complying with its nuclear obligations, potentially increasing regional tensions and leading to the reimposition of sanctions.

via The Washington Post|

#breach #iran #nuclear

cybersecurity2 years ago•3 min saved

"Sisense Data Breach Prompts Urgent CISA Alert for Credential Resets"

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating a breach at business intelligence company Sisense, urging all Sisense customers to reset any credentials and secrets shared with the company. The breach, which involved attackers gaining access to Sisense's code repository at Gitlab, resulted in the exfiltration of several terabytes of customer data, including access tokens, email account passwords, and SSL certificates. This incident raises concerns about data protection and encryption practices, as well as the potential impact on Sisense customers' security.

via Krebs on Security|

#breach #cisa #cybersecurity

technology2 years ago•3 min saved

"US Report Blames Microsoft for Security Failures in Chinese Hacks"

A federal Cyber Safety Review Board report has blamed Microsoft for "a cascade of security failures" that led to the 2023 Exchange breach, citing inadequate security culture and preventable errors. The report details critical failures in Microsoft's response to the breach and highlights inaccurate public statements and unsolved mysteries. Microsoft has acknowledged the need to adopt a new culture of engineering security and plans to review the report for additional recommendations.

via Ars Technica|

#breach #cyber-safety-review-board #cybersecurity