Security News

The August 2022 security breach of LastPass may have been more severe than previously disclosed by the company. The popular password management service on Thursday revealed that malicious actors obtained a trove of personal information belonging to its customers that include their encrypted password vaults using data siphoned from the break-in.

Leading sports betting company BetMGM disclosed a data breach after a threat actor stole personal information belonging to an undisclosed number of customers. "BetMGM's online operations were not compromised. BetMGM is coordinating with law enforcement and taking steps to further enhance its security."

LastPass revealed today that attackers stole customer vault data after breaching its cloud storage earlier this year using information stolen during an August 2022 incident. Toubba added in a new update to the original statement that Lastpass' cloud storage was accessed using "Cloud storage access key and dual storage container decryption keys" stolen from its developer environment.

The notorious FIN7 hacking group uses an automated attack system that exploits Microsoft Exchange and SQL injection vulnerabilities to breach corporate networks, steal data, and select targets for ransomware attacks based on financial size. Next, FIN7's internal 'marketing' team scrutinizes new entries and adds comments on the Checkmarks platform to list victims' current revenue, number of employees, domain, headquarters details, and other information that helps pentesters determine if the firm is worth the time and effort of a ransomware attack.

Okta, a company that provides identity and access management services, disclosed on Wednesday that some of its source code repositories were accessed in an unauthorized manner earlier this month. The security event, which was first reported by Bleeping Computer, involved unidentified threat actors gaining access to the Okta Workforce Identity Cloud code repositories hosted on GitHub.

Play ransomware threat actors are using a new exploit chain that bypasses ProxyNotShell URL rewrite mitigations to gain remote code execution on vulnerable servers through Outlook Web Access. Cybersecurity firm CrowdStrike spotted the exploit while investigating Play ransomware attacks where compromised Microsoft Exchange servers were used to infiltrate the victims' networks.

Restaurant customer management platform SevenRooms has confirmed it suffered a data breach after a threat actor began selling stolen data on a hacking forum. SevenRooms is a restaurant customer relationship management platform used by international restaurant chains and hospitality service providers, such as MGM Resorts, Bloomin' Brands, Mandarin Oriental, Wolfgang Puck, and many more.

Social media analytics platform Social Blade has confirmed they suffered a data breach after its database was breached and put up for sale on a hacking forum. The company offers an API allowing customers to integrate the Social Blade data directly into their own platforms.

Security analysts have discovered two API security vulnerabilities in BrickLink.com, LEGO Group's official second-hand and vintage marketplace for LEGO bricks. BrickLink is the world's largest online community of LEGO fans, with over a million registered members.

Twitter confirmed today that the recent leak of millions of members' profiles, including private phone numbers and email addresses, resulted from the same data breach the company disclosed in August 2022. Twitter says its incident response team analyzed the user data leaked in November 2022 and confirms it was collected using the same vulnerability before it was fixed in January 2022.