Twilio, which runs a customer engagement platform used by thousands of businesses, says that its employees were tricked via SMS phishing messages into giving attackers their login credentials, resulting in the theft of information on customers, as well as their customers and end users.
Twitter confirms that a zero-day vulnerability allowed threat actors to gain access to the personal information of 5.4 million user account profiles. The company was notified about this specific vulnerability in Twitter's systems through its bug bounty program in January.
Accused cryptocurrency money launderer Alexander Vinnik made his first appearance in U.S. federal court today. The Russian national faces 55 years imprisonment for his alleged involvement in laundering hacking proceeds through Bitcoin on the BTC-e cryptocurrency exchange.
The Federal Financial Institutions Examination Council is asking for comments regarding the Cybersecurity Assessment Tool, the ostensibly voluntary way for banks and credit unions to self-assess exposure to risk and the maturity of their cybersecurity.
The U.K.'s National Health Service is experiencing IT outages resulting from a cyberattack on a third-party vendor. Birmingham-based technology provider Advanced's Adastra system supplies digital services for urgent healthcare services number 111.
Federal authorities, in two separate advisories issued Thursday, urge healthcare sector entities to proactively address security risks from internet of things devices equipped with sensors, software and other technologies to connect and exchange data over the internet and from open web applications.
An unnamed Eastern Europe company became a victim of that continent's largest-ever distributed denial-of-service attack, says Akamai. The report comes in a season with a record-breaking volume of DDoS attacks, fueled greatly by geopolitical events led by Russia's invasion of Ukraine.
Ivan Milenkovic became the group information security director of Webhelp in January 2020. Six weeks later, the pandemic changed everything. Today, Webhelp is twice the size it was in 2020, and Milenkovic discusses the cybersecurity challenges his team has overcome to support that growth.
The hackers who stole $190 million from cross-chain bridge Nomad stand to keep up to 10% of the loot and escape civil liability and criminal prosecution. The only caveat: They must return the rest of the money. Then, the firm says, it will label them as white hats and won't pursue legal action.
In the latest weekly update, four editors at Information Security Media Group discuss key takeaways from ISMG's recent Government Summit, how hackers siphoned nearly $200 million from cryptocurrency bridge Nomad and how midsized businesses are the new frontier for ransomware.
The era of pandemic-induced telework is also the era of higher reliance on mobile devices for sensitive workplace information - meaning we're likewise living in the age of fretful chief information security officers, a new survey concludes. "Companies are still struggling" to secure mobile devices.
The government of India withdrew a long-anticipated personal data protection bill from Parliament. The government of Prime Minister Narendra Modi vowed to instead introduce a comprehensive framework of global standard laws including digital privacy laws