Latest Cyber Security News

You are here: Home / Archives for General Cyber Security News

Hackers Behind Twilio Breach Also Targeted Cloudflare Employees August 10, 2022Ravie Lakshmanan Web infrastructure company Cloudflare on Tuesday disclosed at least 76 employees and their family members received text messages on their personal and work phones bearing similar characteristics as that of the sophisticated  phishing attack against Twilio . "They came from four phone numbers associated with T-Mobile-issued SIM cards: (754) 268-9387, (205) 946-7573, (754) 364-6683 and (561) 524-5989," it  said . "They pointed to an official-looking domain: cloudflare-okta.com." The attack, which transpired around the same time Twilio was targeted, was ultimately unsuccessful. The wave of over 100 smishing messages commenced less than 40 minutes after the rogue domain was registered via Porkbun, the company noted, adding the phishing page was designed to relay the credentials entered by unsuspecting users to the attacker via Telegram in real-time. This also meant that the attack could defeat 2FA roadblocks, as the Time-based One Time Password ( TOTP ) codes inp

Hackers Behind Twilio Breach Also Qualified Cloudflare Employees August 10, 2022Ravie Lakshmanan Web infrastructure enterprise Cloudflare on Tuesday disclosed at least 76 workers and their family …

Hackers Behind Twilio Breach Also Targeted Cloudflare Employees August 10, 2022Ravie Lakshmanan Web infrastructure company Cloudflare on Tuesday disclosed at least 76 employees and their family members received text messages on their personal and work phones bearing similar characteristics as that of the sophisticated  phishing attack against Twilio . "They came from four phone numbers associated with T-Mobile-issued SIM cards: (754) 268-9387, (205) 946-7573, (754) 364-6683 and (561) 524-5989," it  said . "They pointed to an official-looking domain: cloudflare-okta.com." The attack, which transpired around the same time Twilio was targeted, was ultimately unsuccessful. The wave of over 100 smishing messages commenced less than 40 minutes after the rogue domain was registered via Porkbun, the company noted, adding the phishing page was designed to relay the credentials entered by unsuspecting users to the attacker via Telegram in real-time. This also meant that the attack could defeat 2FA roadblocks, as the Time-based One Time Password ( TOTP ) codes inpRead More