October 20, 2024 at 10:58AM The Internet Archive experienced another breach, exposing user data and Zendesk emails due to failure in properly rotating stolen GitLab authentication tokens. A threat actor claimed credit for the breach, asserting they stole 7TB of data, not for profit but to gain notoriety among cybercriminals. ### Meeting Takeaways 1. **Breach … Read more
March 8, 2024 at 12:32PM The Russian APT group Midnight Blizzard has gained access to Microsoft’s source code and internal systems, posing a serious threat. The attackers, also known as APT29, Cozy Bear, Nobelium, and UNC2452, are escalating their efforts and targeting password-spraying attempts. The breach could lead to zero-day vulnerability exploitation, highlighting the critical … Read more
March 8, 2024 at 10:34AM Microsoft discovered that the Russian hacking group ‘Midnight Blizzard’ accessed their internal systems and source code after stealing authentication secrets in January. They gained access using a non-production test account without multi-factor authentication. Microsoft is informing affected customers and increasing security measures to defend against these advanced persistent threats. From … Read more