Security News

Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens
2022-04-28 13:14

GitHub revealed details tied to last week's incident where hackers, using stolen OAuth tokens, downloaded data from private repositories. "We do not believe the attacker obtained these tokens via a compromise of GitHub or its systems because the tokens in question are not stored by GitHub in their original, usable formats," said Mike Hanley, chief security officer, GitHub.

GitHub: How stolen OAuth tokens helped breach dozens of orgs
2022-04-27 21:04

GitHub has shared a timeline of this month's security breach, in which a threat actor gained access to and stole private repositories belonging to dozens of organizations. The attacker used stolen OAuth app tokens issued to Heroku and Travis CI to breach GitHub.com customer accounts with authorized Heroku or Travis CI OAuth app integrations.

Coca-Cola investigates hackers' claims of breach and data theft
2022-04-26 18:20

The American beverage giant has started to investigate after the Stormous gang said that it successfully breached some of the company's servers and stole 161GB of data. The threat actors listed a cache of the data for sale on their leak site, asking 1.65 Bitcoin, currently converted to around $64,000.

Okta Says Security Breach by Lapsus$ Hackers Impacted Only Two of Its Customers
2022-04-20 19:33

Identity and access management provider Okta on Tuesday said it concluded its probe into the breach of a third-party vendor in late January 2022 by the LAPSUS$ extortionist gang. Stating that the "impact of the incident was significantly less than the maximum potential impact" the company had previously shared last month, Okta said the intrusion impacted only two customer tenants, down from 366 as was initially assumed.

Okta: Lapsus$ breach lasted only 25 minutes, hit 2 customers
2022-04-20 16:48

Identity and access management firm Okta says an investigation into the January Lapsus$ breach concluded the incident's impact was significantly smaller than expected. Okta admitted last month it made a mistake delaying the disclosure of a January breach from the Lapsus$ data extortion group, an error caused by the company not being aware of the extent of the incident and its impact on customers.

More than 40% of SMBs surveyed have been hit with a cybersecurity breach
2022-04-14 14:32

More than 40% of SMBs surveyed have been hit with a cybersecurity breach. Cyberattacks pose a threat to all organizations large and small, but SMBs can be particularly vulnerable as they often lack the budget, resources and expertise to prevent and recover from a successful security breach.

Snap-on discloses data breach claimed by Conti ransomware gang
2022-04-08 20:35

American automotive tools manufacturer Snap-on announced a data breach exposing associate and franchisee data after the Conti ransomware gang began leaking the company's data in March. "We believe the incident involved associate and franchisee data including information such as: names, Social Security Numbers, dates of birth, and employee identification numbers," discloses a Snap-on data breach notification submitted to the California Attorney General's office.

94% of critical assets can be compromised within four steps of the initial breach point
2022-04-07 08:00

An XM Cyber report reveals the security gaps and hygiene issues that exist in multiple attack paths across on-prem and cloud environments, demonstrating the importance of risk visibility across the entire network. Organizations today are increasingly investing in new technology to boost their business, but don't realize that, since these technologies are all connected, they pose a great risk to critical assets.

Into the Breach: Breaking Down 3 SaaS App Cyber Attacks in 2022
2022-04-07 06:00

Security from Device to SaaS - securing a SaaS environment isn't enough when it comes to protecting against a breach. SSO does not go far enough, and organizations that take SaaS security seriously must also include MFA security measures.

Block Admits Data Breach Involving Cash App Data Accessed by Former Employee
2022-04-06 02:01

Block, the company formerly known as Square, has disclosed a data breach that involved a former employee downloading unspecified reports pertaining to its Cash App Investing that contained information about its U.S. customers. "While this employee had regular access to these reports as part of their past job responsibilities, in this instance these reports were accessed without permission after their employment ended," the firm revealed in an April 4 filing with the U.S. Securities and Exchange Commission.