phishing

Twitter’s verification chaos is now a cybersecurity problem

Cybercriminals are already capitalizing on Twitter’s ongoing verification chaos by sending phishing emails designed to steal the passwords of unwitting users. The phishing email campaign, seen b

Bed, Bath & Beyond confirms data breach following employee phishing attack

U.S. retail giant Bed, Bath & Beyond has confirmed unauthorized access to company data after an employee was phished. In an 8-K filing to the U.S. Securities and Exchange Commission, the home good

Twilio says breach also compromised Authy two-factor app users

U.S. messaging giant Twilio has confirmed hackers also compromised the accounts of some Authy users as part of a wider breach of Twilio’s systems. Authy is Twilio’s two-factor authentication (

DoorDash hit by data breach linked to Twilio hackers

Food delivery giant DoorDash has confirmed a data breach that exposed customers’ personal information. In a blog post shared with TechCrunch ahead of its publication at market close, DoorDash sa

Twilio hackers breached over 130 organizations during months-long hacking spree

The hackers that breached Twilio earlier this month also compromised more than 130 organizations during their hacking spree that netted the credentials of close to 10,000 employees. Twilio’s rec

Kickstarter sent password reset emails to millions of users, but didn’t tell anyone why

Crowdfunding website Kickstarter sparked fears overnight of a possible security incident after the company sent unsolicited password reset emails to millions of users without prior explanation. The em

DigitalOcean says customer email addresses were exposed after latest Mailchimp breach

Cloud giant DigitalOcean says that some customers’ email addresses were exposed because of a recent “security incident” at email marketing company Mailchimp. In a scant blog post dated August 12

How an Armenian startup plans to use a new innovation to tackle the billion-dollar phishing industry

So-called “Domain-based Message Authentication, Reporting, and Conformance,” or DMARC, is a technical standard that is designed to protect the senders and recipients of email from spam, sp

Twilio hacked by phishing campaign targeting internet companies

Communications giant Twilio has confirmed hackers accessed customer data after successfully tricking employees into handing over their corporate login credentials.  The San Francisco-based company, w

China-backed hackers targeted White House journalists before January 6

Researchers at cybersecurity company Proofpoint said they have observed the China-backed advanced persistent threat group, TA412, also known as Zirconium, engaging in several reconnaissance phishing c

Crypto hackers are increasingly phishing for new bait on social media

There was a significant rise in crypto-focused phishing attacks across social media sites in the second quarter, according to a new CertiK report.

NFT giant OpenSea reports major email data breach

Update (July 8, 12:15 PM IST): Opensea vendor consumer.io revealed today that customer data of five other companies were also compromised. While the firm didn’t name these clients, it said it ha

A hacked Kaiser Permanente employee’s emails led to breach of 70,000 patient records

Kaiser Permanente, the largest nonprofit health plan provider in the United States, has disclosed a data breach that exposed the sensitive health information of almost 70,000 patients. In a notice to

Chrome will now silence many of those annoying notification permission prompts on the web

Google today announced a set of new and updated security features for Chrome, almost all of which rely on machine learning (ML) models, as well as a couple of nifty new ML-based features that aim to m

Google brings phishing detection to Docs, Sheets and Slides, along with other privacy and security updates

Among the privacy and security-related updates announced today at Google’s I/O conference, the company says it’s bringing phishing protection to its suite of productivity apps, including D

HacWare lands $2.3M to expand cybersecurity awareness training

If you work at a company above a certain size, you’ll understand just how little patience we all feel for internal phishing awareness, even despite the fact that phishing remains one of the lead

Mailchimp says an internal tool was used to breach hundreds of accounts

Email marketing giant Mailchimp has confirmed a data breach after malicious hackers compromised an internal company tool to gain access to customer accounts. In a statement given to TechCrunch, Mailch

Google discovers threat actor working as an ‘initial access broker’ for Conti ransomware hackers

Google’s Threat Analysis Group has observed a financially motivated threat actor working as an intermediary for the Russian hackers, including the Conti ransomware gang. The group, which Google refe

Ukraine says Belarusian hackers are targeting its defense forces

Ukrainian cybersecurity officials have warned that Belarusian state-sponsored hackers are targeting the private email addresses of Ukrainian military personnel. Announcing the activity in a Facebook p

Twitter reinstates accounts sharing open source info on Russian military threat

Twitter disclosed that it mistakenly removed a number of accounts sharing details about Russian military activity Wednesday, as the nation’s aggressive posture toward neighboring Ukraine threate
Load More