Security News > 2022 > August

Twilio confirmed that attackers breached the communication giant's network and accessed "a limited number" of customer accounts after tricking some employees into falling for a phishing attack. Twilio said it first became aware of the breach on August 4, after current and former employees received text messages claiming to be from Twilio's IT department, saying that the employees' passwords had expired or that, for some other reason, they needed to log in at a phony URL that looked like Twilio's sign-in page.

Microsoft wants to make it safer for Edge users to browse and visit unfamiliar websites by automatically applying stronger security settings. "With enhanced security mode, Microsoft Edge helps reduce the risk of an attack by automatically applying more conservative security settings on unfamiliar sites and adapts over time as you continue to browse."

Patching security vulnerabilities should be a straightforward process. A report released Monday, August 8, by security firm Rezilion looks at how older vulnerabilities patched by the vendor still pose risks to organizations.

How to protect your organization from the top malware strains. A new government advisory looks at the top malware strains of 2021 and offers advice on how to thwart them.

Threat actors are making their way around two-factor authentication and using other clever evasion tactics in a recently observed phishing campaign aimed at taking over Coinbase accounts to defraud users of their crypto balances. Attackers employ a range of tactics to avoid detection, including one researchers call "short lived domains," in which the domains used in the attack "stay alive for extremely short periods of time," that deviates from typical phishing practices, researchers wrote.

The U.S. Treasury Department's Office of Foreign Assets Control today sanctioned Tornado Cash, a decentralized cryptocurrency mixer service used to launder more than $7 billion since its creation in 2019. The North Korean-backed APT Lazarus Group also used the crypto mixer to launder approximately $455 million stolen in the largest known cryptocurrency heist ever.

Cloud communications company Twilio says some of its customers' data was accessed by attackers who breached internal systems after stealing employee credentials in an SMS phishing attack. "On August 4, 2022, Twilio became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials," Twilio said over the weekend.

7-Eleven stores in Denmark shut down today after a cyberattack disrupted stores' payment and checkout systems throughout the country. The attack occurred early this morning, August 8th, with the company posting on Facebook that they were likely "exposed to a hacker attack."

A new botnet named Orchard has been observed using Bitcoin creator Satoshi Nakamoto's account transaction information to generate domain names to conceal its command-and-control infrastructure. Orchard is said to have undergone three revisions since February 2021, with the botnet primarily used to deploy additional payloads onto a victim's machine and execute commands received from the C2 server.

The reason I got stirred up is not that I want to change either my job or my position, as I am a happy camper being part of Cymulate's blue team. What upset me was that my friend could not grasp the idea that I wanted to keep working as a blue teamer because, as far as he was concerned, the only natural progression is to move to the red team.