Security News

The State of Maine has announced that its systems were breached after threat actors exploited a vulnerability in the MOVEit file transfer tool and accessed personal information of about 1.3 million, which is close to the state's entire population. Various Maine state agencies were among the thousands of organizations worldwide using the Progress Software data transfer product.

McLaren Health Care is notifying nearly 2.2 million people of a data breach that occurred between late July and August this year, exposing sensitive personal information.McLaren says it currently holds no evidence that cybercriminals abused the exposed data but urges impacted individuals to be cautious with unsolicited communications and keep a close eye on their bank account activity.

A critical zero-day vulnerability in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known for deploying Cl0p ransomware. The group has also similarly leveraged zero days in the Accellion file transfer appliance and Fortra's GoAnywhere file transfer solution.

Security and data analytics company Sumo Logic disclosed a security breach after discovering that its AWS account was compromised last week.The company detected evidence of the breach on Friday, November 3, after discovering that an attacker used stolen credentials to gain access to a Sumo Logic AWS account.

It's the latest in a string of unusual wallet-draining attacks that began in April The Monero Project is admitting that one of its wallets was drained by an unknown source in September, losing the...

Cloud-native big data and security analytics firm Sumo Logic is investigating a potential security incident within their platform, the company revealed on Tuesday. "On Friday, November 3rd, 2023, Sumo Logic discovered evidence of a potential security incident. The activity identified used a compromised credential to access a Sumo Logic AWS account," the company said in its security notice.

Singapore-based luxury resort and casino Marina Bay Sands has suffered a data breach that exposed data of 665,000 non-casino rewards program members. "Marina Bay Sands became aware of a data security incident on 20 October 2023 involving unauthorized third-party access on 19 and 20 October 2023 to some of our customers' loyalty programme membership data," the hospitality establishment said in a security incident notice.

"We did not pay a ransom and we are aware that data connected to the cyber incident has been published." - TransForm. Bluewater Health: Data on 5.6 million patient visits corresponding to 267,000 unique patients.

The Marina Bay Sands (MBS) luxury resort and casino in Singapore has disclosed a data breach that impacts personal data of 665,000 customers. [...]

The recent breach of the Okta Support system was carried out via a compromised service account with permissions to view and update customer support cases. The threat actor took advantage of the access they had gained to the Okta Support system and to unsanitized HAR files provided by the customers to Okta Support.