compromised account | Breaking Cybersecurity News | The Hacker News

Several Myanmar journalists have recently received warnings from Google that their Gmail accounts may have been targets of state-sponsored attacks. After they login to their Gmail accounts, warning message," We believe state-sponsored attackers may be attempting to compromise your account or computer " was displayed on top as shown. Google had begun the policy of notifying users of suspicious activity in June. " We are constantly on the lookout for malicious activity on our systems, in particular attempts by third parties to log into users' accounts unauthorized. " Google said in a blog post . " If you see this warning it does not necessarily mean that your account has been hijacked. It just means that we believe you may be a target, of phishing or malware for example, and that you should take immediate steps to secure your account ." The Voice Weekly Journal's editor Aung Soe, Aye Aye Win, a Myanmar correspondent for the Associated Press, and Myat Thura, a Mya...

The Computer networks of Energy Department were attacked by unknown hackers in a major cyber attack two weeks ago and personal information on several hundred employees was compromised. The Washington Free Beacon reports that, FBI agents are investigating the attacks and 14 computer servers and 20 workstations reportedly were penetrated during the attack. Officials are working to determine the exact nature of the attack and the extent of potential damage. " They believe the sophisticated penetration attack was not limited to stealing personal information. There are indications the attackers had other motives, possibly including plans to gain future access to classified and other sensitive information ." The security breach resulted in the unauthorized disclosure of employee and contractor Personally Identifiable Information (PII) of several hundred people. Department is in the process of notifying employees whose information was stolen. However, Chinese ...

CIA Director was uncovered when a woman described as close to him received harassing emails and complained to authorities. The FBI traced the emails and found that they had been sent by Paula Broadwell, who wrote a highly favorable book on the former Army general's life and work. While initially investigating the reports, the FBI feared the CIA director's personal email account may have been hacked, but the sexual nature of the email exchanges exposed the affair. A Yahoo email account belonging to former CIA Director David Petraeus may have been compromised by the group Anonymous. The personal email account was exposed during the the leak of commercial intelligence company STRATFOR by Anonymous Hackers, among other millions of email accounts of customers belongs to the company.  The emails sent by Broadwell indicated that she perceived the other woman as a threat to her relationship with Petraeus, law enforcement officials. Anonymous also obtained email l...

If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk.  A gap in access control in Microsoft Entra's subscription handling is allowing guest users to create and transfer subscriptions into the tenant they are invited into, while maintaining full ownership of them.  All the guest user needs are the permissions to create subscriptions in their home tenant, and an invitation as a guest user into an external tenant. Once inside, the guest user can create subscriptions in their home tenant, transfer them into the external tenant, and retain full ownership rights. This stealthy privilege escalation tactic allows a guest user to gain a privileged foothold in an environment where they should only have limited access. Many organizations treat guest accounts as low-risk based on their temporary, limited access, but this behavior, which works as designed, opens the door to known attack paths and lateral movement within the resource t...