June 15, 2024 at 01:15PM Microsoft’s ‘Secure Future Initiative’ for Outlook personal email accounts includes deprecating basic authentication by September 16, 2024. It aims to enhance cybersecurity by phasing out unsafe practices and replacing them with modern authentication methods backed by multi-factor authentication. Deprecations include ‘Mail’ and ‘Calendar’ apps on Windows and Outlook Light, with … Read more
June 14, 2024 at 03:00AM AWS made several security announcements at its re:Inforce conference, including new features for identity and malware protection services. These include support for passkeys as part of multi-factor authentication, IAM Access Analyzer enhancements, Amazon GuardDuty Malware Protection for S3, and a preview of natural language query generation in AWS CloudTrail Lake. … Read more
June 11, 2024 at 02:10PM Pure Storage confirmed a data breach involving a single Snowflake data analytics workspace. No customer data was compromised, but telemetry information such as company names and email addresses was accessed. Security firm Mandiant identified a common factor in the breaches as the lack of Multi-Factor Authentication. Pure Storage stated that … Read more
June 11, 2024 at 03:21AM As many as 165 Snowflake customers had their data potentially exposed in a campaign targeting data theft and extortion, identified as UNC5537 by Mandiant. The group is believed to operate under various aliases, targeting organizations worldwide and collaborating with a party based in Turkey. Snowflake is taking measures to enhance … Read more
June 10, 2024 at 11:32PM Unknown financially motivated crime crew “UNC5537” has stolen a substantial amount of data from Snowflake customers by using stolen credentials. The crew may have ties to “Scattered Spider” and has targeted multiple organizations by compromising contractor systems. The theft was enabled by the absence of multi-factor authentication and the use … Read more
June 7, 2024 at 03:53PM Apple is set to launch a standalone password manager, ‘Passwords’, with iOS 18, iPadOS 18, and macOS 15 at the Worldwide Developers Conference. It aims to simplify and secure password management, potentially competing with established apps like Bitwarden and LastPass. Additionally, it may support multi-factor authentication, but Apple has not … Read more
June 4, 2024 at 12:46PM Ticketmaster and Santander Bank experienced major data breaches due to inadequate security measures on a third-party cloud storage service. The breaches exposed sensitive data of millions of customers. Security analysts suspect the service provider as Snowflake, but Snowflake denies any platform breach. Experts emphasize the importance of implementing robust security … Read more
June 4, 2024 at 07:06AM Snowflake, in collaboration with CrowdStrike and Mandiant, has reported a targeted campaign against a limited number of its customers. The company recommends enabling multi-factor authentication and limiting network traffic to trusted locations to prevent unauthorized access. U.S. CISA and ACSC issued alerts, and it’s advised to look for signs of … Read more
May 31, 2024 at 01:36PM A threat actor claimed to have breached Santander and Ticketmaster, stealing data from employee accounts at Snowflake, a cloud storage provider, with the intent to extort $20 million. Snowflake refuted the claims, attributing the breaches to poorly secured customer accounts. The company is investigating unauthorized access and advises customers to … Read more
May 30, 2024 at 07:54AM Okta warns customers of credential stuffing attacks targeting its Customer Identity Cloud’s cross-origin authentication feature. The company advises reviewing logs for suspicious activity, rotating compromised passwords, and enrolling in passwordless authentication. Okta recommends strong password requirements, multi-factor authentication, and other security measures to mitigate the risks. Shares of Okta are … Read more