third party compromise Archives

third party compromise

LastPass breach: Hacker accessed corporate vault by compromising senior developer’s home PC

February 28, 2023

LastPass is, once again, telling customers about a security incident related to the August 2022 breach of its development environment and subsequent unauthorized access to the …

50% of organizations have indirect relationships with 200+ breached fourth-party vendors

February 2, 2023

98 percent of organizations have vendor relationships with at least one third-party that has experienced a breach in the last two years, according to SecurityScorecard and The …

GoTo now says customers’ backups have also been stolen

January 24, 2023

GoTo (formerly LogMeIn) has confirmed on Monday that attackers have stolen customers’ encrypted backups from a third-party cloud storage service related to its Central, …

Why chasing risk assessments will have you chasing your tail

October 20, 2022

Third-party risk assessments are often described as time-consuming, repetitive, overwhelming, and outdated. Think about it: organizations, on average, have over 5,000 third …

Your vendors are likely your biggest cybersecurity risk

September 5, 2022

As speed of business increases, more and more organizations are looking to either buy companies or outsource more services to gain market advantage. With organizations …

DigitalOcean customers affected by Mailchimp “security incident”

August 16, 2022

A recent attack targeting crypto-related users of Mailchimp has ended up affecting users of cloud infrastructure provider DigitalOcean, the latter company has announced on …

Why cyber security can’t just say “no“

May 17, 2022

There was a time, not long ago, when there were only so many ways of accomplishing an information technology task. Whether you were building a website, setting up a new …

Manage and monitor third-party identities to protect your organization

April 26, 2022

SecZetta shared a research that demonstrates a clear misalignment between the strategies organizations currently use and what is actually required to protect them from …

18% of the top 99 insurance carriers have a high susceptibility to ransomware

April 8, 2022

Black Kite released a report that examines rising cyber risk concerns and ransomware susceptibility in the insurance sector. The most notable takeaway: nearly 20% of the top …

Okta names contractor involved in Lapsus$ gang’s attack

March 24, 2022

Okta has released additional details about the security incident caused by the Lapsus$ gang, and has named the contractor involved: Sitel. What happened? “Like many SaaS …

Strengthening third-party vendor programs in times of crisis and beyond

March 24, 2022

The ongoing global turmoil has tested the supply chain across industries in a myriad of ways – from strained resources and remote workflows to security concerns and more. …

Microsoft and Okta confirm, detail impact of Lapsus$ gang’s attacks

March 23, 2022

Recent claims by the cyber extortion gang have been validated by Okta and Microsoft: Lapsus$ have managed to get their hands on some of Microsoft’s source code and have …