Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?

A threat actor has leaked configuration files (aka configs) for over 15,000 Fortinet Fortigate firewalls and associated admin and user credentials. The collection has been leaked on Monday and publicized on an underground forum by the threat actor that… Continue reading Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?

UN aviation agency investigating possible data breach

The United Nation’s International Civil Aviation Organization (ICAO) confirmed on Monday that it’s “actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting int… Continue reading UN aviation agency investigating possible data breach

Preventing data leakage in low-node/no-code environments

Low-code/no-code (LCNC) platforms enable application development by citizen developers, often generating “shadow engineering” projects that evade security oversight. While LCNC solutions like Power BI reports and automated workflows foster agility and … Continue reading Preventing data leakage in low-node/no-code environments

Massive troves of Amazon, HSBC employee data leaked

A threat actor who goes by the online moniker “Nam3L3ss” has leaked employee data belonging to a number of corporations – including Amazon, 3M, HSBC and HP – ostensibly compromised during the May 2023 MOVEit hack by the Cl0p ran… Continue reading Massive troves of Amazon, HSBC employee data leaked

Patching problems: The “return” of a Windows Themes spoofing vulnerability

Despite two patching attempts, a security issue that may allow attackers to compromise Windows user’s NTLM (authentication) credentials via a malicious Windows themes file still affects Microsoft’s operating system, 0patch researchers have … Continue reading Patching problems: The “return” of a Windows Themes spoofing vulnerability

Internet Archive data breach, defacement, and DDoS: Users’ data compromised

The Internet Archive has suffered a data breach, leading to the compromise of email addresses, screen names and bcrypt password hashes of some 31 million users. The compromise was revealed on Wednesday afternoon, when the digital library’s websit… Continue reading Internet Archive data breach, defacement, and DDoS: Users’ data compromised

Deloitte Says No Threat to Sensitive Data After Hacker Claims Server Breach

Deloitte says no sensitive data exposed after a notorious hacker leaked what he claimed to be internal communications. 
The post Deloitte Says No Threat to Sensitive Data After Hacker Claims Server Breach appeared first on SecurityWeek.
Continue reading Deloitte Says No Threat to Sensitive Data After Hacker Claims Server Breach