As per sources, Twilio, a communication services provider, suffered another security breach on June 29, 2022, which was conducted by the same threat actor who was responsible for the August hack, which resulted in unauthorized access to customer information. During June, a Twilio employee was socially engineered via voice phishing (or 'vishing,' and the malicious actor gained access to a limited number of customers' contact information. Furthermore, the successful attack was detected and stopped within 12 hours, alerting affected customers. Twilio did not specify how many customers were affected by the June incident, nor why it was discovered four months later, but it did divulge the details of the second breach, claiming that the breach affected 93 Authy users and 209 customers. The attack against Twilio was carried out as part of a campaign targeting financial, telecom, and education businesses by the hacking groups 0ktapus and Scatter Swine.
Security researchers have disclosed a novel “AI-targeted cloaking” technique that tricks AI crawlers—such as those used by ChatGPT and Perplexity—into indexing and citing f...
A sophisticated malware campaign is targeting WordPress-based e-commerce websites running the WooCommerce plugin, as uncovered by the Wordfence Threat Intelligence Team. The malici...
AhnLab’s ASEC and recent reporting indicate that the Trigona ransomware group continues to target publicly accessible Microsoft SQL (MS-SQL) servers. The attackers typically gain...