As per sources, Twilio, a cloud communication company, confirmed on August 4, 2022, that some of its customers' data were accessed by unknown attackers who breached internal systems using stolen employee credentials via an SMS phishing attack. Twilio provides programmable voice, text, chat, video, and email APIs used by more than 10 million developers and 150,000 businesses around the world. In the phishing attack, threat actors impersonated Twilio's IT department and Twilio employees were tricked into clicking embedded links containing 'Twilio,' 'Okta,' and 'SSO' keywords that redirected to a site that looks like Twilio sign-in page. Additionally, the SMS phishing messages warn victims that their passwords had expired or would be changed soon. In regards to the network breach, a Twilio spokesperson declined to share more information on the number of employees and customers affected by the phishing attack. Twilio highlighted that the phishing text messages originated from U.S carriers and have worked with the carriers to shut down the actors and with the hosting providers serving the malicious URLs to shut those accounts down. In addition, the company claimed that they are working with law enforcement to block the attackers' access to their systems and said they informed affected customers individually of the attack details and have yet to identify the attackers. In addition, Twilio mentioned that other companies have been subjected to similar attacks and they have coordinated their response to the hackers, as well as, working with carriers and registrars to prevent malicious messages and URLs. But, still, threat actors were observed to continue to use different carriers and hosting providers to perform malicious activities.
Zscaler ThreatLabz researchers have uncovered a surge in fraudulent websites hosted on popular web hosting and blogging platforms, part of an elaborate strategy to spread malware t...
The Federal Trade Commission (FTC) has announced that it will distribute $5.6 million in refunds to Ring users affected by privacy and security issues. The refunds come as part of ...
In the summer of 2023, the Lazarus Group, a threat actor linked to North Korea, employed its well-known fabricated job lures to deliver a new remote access trojan (RAT) named Kaoli...