Identity and access management giant Okta says some customer data was exposed by the "relentless phishing campaign" that breached Twilio, which it uses to provide some SMS services. Twilio says attackers accessed data for 163 customer organizations.
An Iranian government-backed hacking group known as Charming Kitten has updated its malware arsenal to include an email inbox scraping tool, proof of the group's dedication to developing and maintaining purpose-built capabilities. The tool spoofs the user agent to look like an outdated browser.
In the tit-for-tat world of advanced persistent threats, security measures set by Microsoft such as multifactor authentication are being met by Russian hacking group APT29 with circumvention techniques. Mandiant says it's seeing several new hacking methods by the group, also known as Cozy Bear.
Four ISMG editors discuss how security leaders determine the right level of security for the business, the growing risk of business ID theft to enterprises, and the arrest of a developer suspected of working for cryptocurrency mixing service Tornado Cash, for "facilitating money laundering."
Cloud collaboration suites like Microsoft 365 are critical to business success, but have become significant entry points for potential exploitation. Just as your team relies on email and collaboration tools to accomplish their goals, so too do sophisticated threat actors. And while the built-in security of Microsoft...
Attackers are attempting to reset the passwords of some DigitalOcean customers, the cloud infrastructure provider says. The email addresses of these customers were likely exposed in a data breach involving Mailchimp, which provided transactional email services for DigitalOcean.
Marketers rely on events to create brand awareness and generate demand, and physical events are coming back after the COVID-19 pandemic, says Gily Netzer of Perimeter 81. But "not everybody is traveling," she says, so hybrid events - and SaaS-driven corporate networks - are the future for companies.
U.S. Cyber Command and Security Service of Ukraine revealed malware indicators recently detected in Ukraine, which is resisting invasion by Russia. Cybersecurity firm Mandiant, which has ties to the U.S. military, published a detailed analysis of phishing campaigns with links to Belarus and Russia.
The "deliberate actions" of a now-fired senior engineer at Customer.io put at risk email addresses of six client companies, including NFT marketplace OpenSea. The email delivery vendor did not specify how many individuals are now at elevated risk of phishing attacks.
"Credential phishing is off the charts," says Tonia Dudley of Cofense. She discusses the challenge for organizations to strike a balance between having the right controls in place to block malicious emails and stopping the business from receiving legitimate emails.
Abnormal Security is out with new financial crimes research, and it
shows that traditional business email compromise is evolving into
new forms of financial supply chain compromise. Crane Hassold
shares insights on the crimes and how best to detect, deter and
respond to them.
In a video interview with Information...
The new Expel Quarterly Threat Report provides data on what we’re seeing,
detection opportunities, and resilience recs to help protect your organization.
We’ll dive into the trends in this report, based on incidents the Expel security
operations center (SOC) team identified through investigations into...
The new Expel Quarterly Threat Report provides data on what we’re seeing,
detection opportunities, and resilience recs to help protect your organization.
We’ll dive into the trends in this report, based on incidents the Expel security
operations center (SOC) team identified through investigations into...
Material Security has closed a $100 million funding round on a $1.1 billion valuation to extend its protection of sensitive content at rest beyond email. The startup will take patents for defending content in old emails and apply them to SaaS applications such as Dropbox, Google Drive and Slack.
Abnormal Security has closed a $210 million funding round on a $4 billion valuation to apply its account takeover prevention technology to areas other than email. The company wants to use its AI to protect accounts across systems and SaaS platforms and in environments such as Workday and Salesforce.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.
