Security News

Cloudflare says some of its employees' credentials were also stolen in an SMS phishing attack similar to the one that led to Twilio's network being breached last week. Although the attackers got their hands on Cloudflare employees' accounts, they failed to breach its systems after their attempts to log in using them were blocked since they didn't have access to their victims' company-issued FIDO2-compliant security keys.

Cloud communications company Twilio has announced that some of it employees have been phished and that the attackers used the stolen credentials to gain access to some internal company systems and customer data.Apparently, Twilio employees were not the only ones targeted by these attackers.

Cloud communications company Twilio says some of its customers' data was accessed by attackers who breached internal systems after stealing employee credentials in an SMS phishing attack. "On August 4, 2022, Twilio became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials," Twilio said over the weekend.

A new botnet called 'RapperBot' is being used in attacks since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers to establish a foothold on the device. Over the past 1.5 months since its discovery, the new botnet used over 3,500 unique IPs worldwide to scan and attempt brute-forcing Linux SSH servers.

Black Kite: Cost of data breach averages $15 million. Based on a review of 2,400 cyber incidents between 2017-2022 at 1,700 companies, cyber risk monitoring firm Black Kite concluded the average cost, excluding outliers, of a data breach today is $15 million.

MBDA, one of the largest missile developers and manufacturers in Europe, has responded to rumors about a cyberattack on its infrastructure saying that claims of a breach of its systems are false. The extortionists had acquired MBDA data from an external drive used by the company's Italian division and demanded a ransom to not leak or sell the files.

The global average cost of a data breach reaches an all-time high of $4.35 millionIBM Security released the 2022 Cost of a Data Breach Report, revealing costlier and higher-impact data breaches than ever before, with the global average cost of a data breach reaching an all-time high of $4.35 million for studied organizations. Minimizing risk: Key cybersecurity-related M&A considerationsIn this Help Net Security video, Lenny Zeltser, CISO at Axonius, shares key cybersecurity-related considerations that both acquirer and acquired should keep in mind as they go through M&A. Trust in fintech security has been waveringThe growing rate of cybercrime has added to the market unrest and questioned fintech preparedness; some claimed that the industry players are more susceptible to virtual threats than traditional banking, with greater resources at their disposal.

Leisurely bug fixes all that, and more, on the Naked Security Podcast. DOUG. We talked about an Office macro security feature that people were asking for for the better part of 20 years.

Identity security is a priority, yet board buy-in is critical. 90% of respondents state that their organizations fully recognize the importance of identity security in enabling them to achieve their business goals, and 87% say that it is one of the most important security priorities for the next 12 months.

IBM Security released the 2022 Cost of a Data Breach Report, revealing costlier and higher-impact data breaches than ever before, with the global average cost of a data breach reaching an all-time high of $4.35 million for studied organizations. Almost 80% of critical infrastructure organizations studied don't adopt zero trust strategies, seeing average breach costs rise to $5.4 million - a $1.17 million increase compared to those that do.