Safeguard
Tag

breach

Safeguard articles tagged "breach" — guides, analysis, and best practices for software supply chain and application security.

8 articles

Incident Analysis

LastPass 2022-2023: A Retrospective at Depth

A detailed walk through the two LastPass breaches of 2022 and their long 2023 tail, reconstructing how a developer laptop became a vault disclosure.

Sep 15, 20247 min read
Incident Analysis

AnyDesk Production Systems Compromised: Code Signing Certificates Stolen

AnyDesk confirmed a breach of their production systems in late January 2024, forcing revocation of code signing certificates and a mandatory password reset for all users.

Feb 2, 20245 min read
Incident Response

MongoDB Atlas Breach: Customer Metadata Exposed in Corporate Systems Attack

MongoDB disclosed unauthorized access to its corporate systems in December 2023, exposing customer metadata and contact information while Atlas cluster data remained secure.

Nov 15, 20235 min read
Incident Response

Okta's Support System Breach: Identity Provider Under Fire Again

Okta disclosed that attackers used stolen credentials to access its customer support system, downloading HAR files containing session tokens for multiple customers.

Oct 20, 20235 min read
Supply Chain Attacks

LastPass Second Breach: Encrypted Vaults Stolen Using Data from First Attack

LastPass revealed that the August breach enabled a second attack that exfiltrated encrypted customer vaults. The full scope of the damage was devastating.

Nov 22, 20226 min read
Incident Response

Uber's 2022 Breach: How an 18-Year-Old Social Engineered Past MFA

An attacker bombarded an Uber contractor with MFA push notifications until they accepted. What followed was a full compromise of internal systems.

Sep 16, 20226 min read
Supply Chain Attacks

LastPass Breach: How a Compromised Developer Environment Exposed Millions

LastPass disclosed that an attacker accessed their development environment for four days. The full impact wouldn't be known for months.

Aug 25, 20226 min read
Incident Response

GitHub OAuth Token Theft: The Heroku and Travis CI Breach

Attackers stole OAuth tokens from Heroku and Travis CI to access private GitHub repositories across dozens of organizations, including npm itself. The full scope of the breach took weeks to unravel.

Apr 15, 20225 min read
breach — Safeguard Blog