Experimental News Clipping Site

Tag: security breach

  • The Register: Careless engineer stored recovery codes in plaintext, got whole org pwned

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/15/ransomware_recovery_codes_plaintext/ Source: The Register Title: Careless engineer stored recovery codes in plaintext, got whole org pwned Feedly Summary: Cautionary tale from the recent SonicWall attacks Failing to encrypt sensitive data leaves you wide open to attack. During the recent SonicWall attack spree, intruders bypassed multi-factor authentication (MFA) in at least one case, because…

  • Unit 42: Trusted Connections, Hidden Risks: Token Management in the Third-Party Supply Chain

    by

    Kurt Seifried
    in

    Source URL: https://unit42.paloaltonetworks.com/third-party-supply-chain-token-management/ Source: Unit 42 Title: Trusted Connections, Hidden Risks: Token Management in the Third-Party Supply Chain Feedly Summary: Effective OAuth token management is crucial for supply chain security, preventing breaches caused by dormant integrations, insecure storage or lack of rotation. The post Trusted Connections, Hidden Risks: Token Management in the Third-Party Supply Chain…

  • Slashdot: Jaguar Land Rover Extends Shutdown After Cyber Attack

    by

    Kurt Seifried
    in

    Source URL: https://it.slashdot.org/story/25/09/08/2044243/jaguar-land-rover-extends-shutdown-after-cyber-attack Source: Slashdot Title: Jaguar Land Rover Extends Shutdown After Cyber Attack Feedly Summary: AI Summary and Description: Yes Summary: Jaguar Land Rover has faced a significant cyberattack that led to the shutdown of its factories both in the UK and internationally. This incident underscores the vulnerabilities that organizations, especially in manufacturing, face…

  • Wired: ICE Has Spyware Now

    by

    Kurt Seifried
    in

    Source URL: https://www.wired.com/story/ice-has-spyware-now/ Source: Wired Title: ICE Has Spyware Now Feedly Summary: Plus: An AI chatbot system is linked to a widespread hack, details emerge of a US plan to plant a spy device in North Korea, your job’s security training isn’t working, and more. AI Summary and Description: Yes Summary: The text highlights significant…

  • The Cloudflare Blog: The impact of the Salesloft Drift breach on Cloudflare and our customers

    by

    Kurt Seifried
    in

    Source URL: https://blog.cloudflare.com/response-to-salesloft-drift-incident/ Source: The Cloudflare Blog Title: The impact of the Salesloft Drift breach on Cloudflare and our customers Feedly Summary: An advanced threat actor, GRUB1, exploited the integration between Salesloft’s Drift chat agent and Salesforce to gain unauthorized access to Salesforce tenants of Cloudflare and many other companies. AI Summary and Description: Yes…

  • Krebs on Security: The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft

    by

    Kurt Seifried
    in

    Source URL: https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/ Source: Krebs on Security Title: The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft Feedly Summary: The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate…

  • Embrace The Red: Wrap Up: The Month of AI Bugs

    by

    Kurt Seifried
    in

    Source URL: https://embracethered.com/blog/posts/2025/wrapping-up-month-of-ai-bugs/ Source: Embrace The Red Title: Wrap Up: The Month of AI Bugs Feedly Summary: That’s it. The Month of AI Bugs is done. There won’t be a post tomorrow, because I will be at PAX West. Overview of Posts ChatGPT: Exfiltrating Your Chat History and Memories With Prompt Injection | Video ChatGPT…