Security News

Aqua Trivy open-source security scanner now finds Kubernetes security risksThe Aqua Trivy open-source scanner now supports vulnerability scanning for Kubernetes components and Kubernetes Bill of Materials generation. Sumo Logic discloses potential breach via compromised AWS credentialCloud-native big data and security analytics firm Sumo Logic is investigating a potential security incident within their platform, the company revealed on Tuesday.

Mr. Cooper, the largest home loan servicer in the United States, says it found evidence of customer data exposed during a cyberattack disclosed last week, on October 31. The mortgage loan giant's notice says it's still investigating the nature of the compromised data and will provide affected customers with more information over the coming weeks.

Security researchers are warning that hackers are targeting multiple healthcare organizations in the U.S. by abusing the ScreenConnect remote access tool. [...]

The State of Maine has announced that its systems were breached after threat actors exploited a vulnerability in the MOVEit file transfer tool and accessed personal information of about 1.3 million, which is close to the state's entire population. Various Maine state agencies were among the thousands of organizations worldwide using the Progress Software data transfer product.

McLaren Health Care is notifying nearly 2.2 million people of a data breach that occurred between late July and August this year, exposing sensitive personal information.McLaren says it currently holds no evidence that cybercriminals abused the exposed data but urges impacted individuals to be cautious with unsolicited communications and keep a close eye on their bank account activity.

A critical zero-day vulnerability in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known for deploying Cl0p ransomware. The group has also similarly leveraged zero days in the Accellion file transfer appliance and Fortra's GoAnywhere file transfer solution.

Security and data analytics company Sumo Logic disclosed a security breach after discovering that its AWS account was compromised last week.The company detected evidence of the breach on Friday, November 3, after discovering that an attacker used stolen credentials to gain access to a Sumo Logic AWS account.

It's the latest in a string of unusual wallet-draining attacks that began in April The Monero Project is admitting that one of its wallets was drained by an unknown source in September, losing the...

Cloud-native big data and security analytics firm Sumo Logic is investigating a potential security incident within their platform, the company revealed on Tuesday. "On Friday, November 3rd, 2023, Sumo Logic discovered evidence of a potential security incident. The activity identified used a compromised credential to access a Sumo Logic AWS account," the company said in its security notice.

Singapore-based luxury resort and casino Marina Bay Sands has suffered a data breach that exposed data of 665,000 non-casino rewards program members. "Marina Bay Sands became aware of a data security incident on 20 October 2023 involving unauthorized third-party access on 19 and 20 October 2023 to some of our customers' loyalty programme membership data," the hospitality establishment said in a security incident notice.