Security News
How Google plans to make stolen session cookies worthless for attackersGoogle is working on a new security feature for Chrome called Device Bound Session Credentials, meant to prevent attackers from using stolen session cookies to gain access user accounts. A "Cascade" of errors let Chinese hackers into US government inboxesMicrosoft still doesn't known how Storm-0558 attackers managed to steal the Microsoft Services Account cryptographic key they used to forge authentication tokens needed to access email accounts belonging to US government officials.
AT&T is facing multiple class-action lawsuits following the company's admission to a massive data breach that exposed the sensitive data of 73 million current and former customers. The lawsuit alleges that AT&T failed to adequately protect customers' personal data, leading to a cyberattack and subsequent data breach that exposed sensitive information for 73 million people.
AT&T has confirmed that the data set leaked on the dark web some two weeks ago does contain "AT&T data-specific fields".According to AT&T, the batch includes data of approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders: full name, email address, mailing address, phone number, social security number, date of birth, AT&T account number and passcode.
AT&T has finally confirmed it is impacted by a data breach affecting 73 million current and former customers after initially denying the leaked data originated from them. While the company continues to say there is no indication their systems were breached, it has now confirmed that the leaked data belongs to 73 million current and former customers.
AT&T says a massive trove of data impacting 71 million people did not originate from its systems after a hacker leaked it on a cybercrime forum and claimed it was stolen in a 2021 breach of the company. While BleepingComputer has not been able to confirm the legitimacy of all the data in the database, we have confirmed some of the entries are accurate, including those whose data is not publicly accessible for scraping.
Tens of thousands of U.S. customers from Verizon, T-Mobile, and AT&T are complaining Thursday morning about the lack of wireless service or interruptions to service. "The San Francisco Fire Department published a"cell phone service outage" announcement saying that "AT&T wireless customers can't make or receive any phone calls, although the 911 center is operational.
Tens of thousands of U.S. customers from Verizon, T-Mobile, and AT&T are complaining Thursday morning about the lack of wireless service or interruptions to service. According to data from problem tracking site Downdetector more than 73,000 AT&T customers from multiple states - including North Carolina, Louisiana, Texas, and Florida, reported a lack of service.
AT&T is notifying roughly 9 million customers that some of their information was exposed after a marketing vendor was hacked in January. "The information did not contain credit card information, Social Security Number, account passwords or other sensitive personal information. We are notifying affected customers."
AT&T details edge computing and the security risks that you should be concerned about. AT&T has released its annual Cybersecurity Insights Report, with several key takeaways from 2021 and predictions for the year ahead. Edge computing is a key focus of the report, as AT&T goes into detail about the state of edge, as well as the company outlining the risks and security based on survey data and interviews of over 1,500 IT executives.
Researchers from Netlab, a network security division of Chinese tech giant Qihoo 360, first discovered what they characterized as a "Brand-new botnet" attacking Edgewater Networks devices, using a vulnerability in EdgeMarc Enterprise Session Border Controllers, tracked as CVE-2017-6079. Netlab eventually identified the devices as belonging to AT&T, which confirmed the existence of the botnet to analyst firm Recorded Future's The Record.