data breaches

Leadership | Apr 01, 2025

Oracle’s alleged data breach is looking very real and very big

Leading CISO: "Oracle's absolute denialism doesn't inspire confidence"

Security | Jan 24, 2025

Fortinet firewall credentials dump: What the published emails show

The UK's "Medicines Discovery Catapult"; Hitachi; Bletchley Park, among the names in a trove of firewall passwords and rules leaked this week.

ransomware | Jun 25, 2024

Chip firm Marvell in "third-party" data breach as LockBit resurfaces

Criminals offer no proof of Federal Reserve breach claim

Snowflake | Jun 10, 2024

Mandiant confirms 165 Snowflake breach victims – sees custom .NET and Java reconnaissance tool

“At least 79.7% of the accounts leveraged by the threat actor in this campaign had prior credential exposure

Snowflake | Jun 03, 2024

Snowflake: CrowdStrike and Mandiant say we're clean

"This appears to be a targeted campaign directed at users with single-factor authentication"

Security | Jun 01, 2024

Snowflake warns over “rapeflake” data breaches

"The user must be left in the disabled state for 6 hours to fully invalidate any possible unauthorized access via this ID token feature."

Security | May 09, 2024

Zscaler breach: Says single test server exposed, downplays risk

"No impact or compromise to our customer, production and corporate environments" -- but were credentials stolen?

| Security | Apr 21, 2024

MITRE attack strikes a NERVE after Ivanti to VMware pivot

"We did not detect… lateral movement into our VMware infrastructure. At the time we believed we took all the necessary actions to mitigate the vulnerability, but these actions were clearly insufficient.”

Security | Apr 12, 2024

Sisense breach: CISO posts guidance amid frantic community action

"They have direct access to JDBC connections, to SSH, and to SaaS platforms... This is a worst case scenario"

document.currentScript.parentNode.innerHTML = (parseInt(document.currentScript.closest('.iteration-container').dataset.length)).toString();