Security News
Threat analysts have observed a new campaign named 'OiVaVoii', targeting company executives and general managers with malicious OAuth apps and custom phishing lures sent from hijacked Office 365 accounts. OAuth is a standard for token-based authentication and authorization, removing the need to enter account passwords.
Twitter's head of security and CISO both ejected from the social media biz this month. He's now out of the micro-blogging site, as is CISO Rinki Sethi, who was also recruited in 2020 to fix up Twitter's security.
Moxie Marlinspike, the founder of the popular encrypted instant messaging service Signal, has announced that he is stepping down as the chief executive of the non-profit in a move that has been underway over the last few months. "In other words, after a decade or more, it's difficult to overstate how important Signal is to me, but I now feel very comfortable replacing myself as CEO based on the team we have, and also believe that it is an important step for expanding on Signal's success," Marlinspike said in a blog post on Monday.
Moxie Marlinspike, the creator of the Signal secure messaging app, on Monday announced his resignation as CEO of the company. Marlinspike said he had always intended to grow Signal to the point that it could go on without his direct involvement but that wasn't possible as recently as four years ago when he was writing most of the code, managing employees, and personally handling support.
Russian authorities on Wednesday arrested and detained Ilya Sachkov, the founder of cybersecurity firm Group-IB, for two months in Moscow on charges of state treason following a search of its office on September 28. The Russian company, which is headquartered in Singapore, confirmed the development but noted the "Reason for the search was not yet clear," adding "The decentralized infrastructure of Group-IB allows us to keep our customer's data safe, maintain business operations and work without interruption across our offices in Russia and around the world."
Russian law enforcement on Tuesday has arrested Ilya Sachkov, the co-founder and CEO of cybersecurity company Group-IB, on suspicion of high treason resulting from sharing data with foreign intelligence. Authorities carried out searches at Group-IB offices in Moscow that started early morning on Tuesday and lasted till evening.
In a Wednesday announcement, the FTC slammed SpyFone, calling it a stalkerware app that not only sold real-time access to "Stalkers and domestic abusers to stealthily track the potential targets of their violence." It added SpyFone also one failed to provide even basic security, exposing device owners "To hackers, identity thieves, and other cyber threats." The FTC described SpyFone as "a stalkerware app that allowed purchasers to surreptitiously monitor photos, text messages, web histories, GPS locations, and other personal information of the phone on which the app was installed without the device owner's knowledge."
Today, T-Mobile's CEO Mike Sievert said that the hacker behind the carrier's latest massive data breach brute forced his way through T-Mobile's network after gaining access to testing environments. Sievert added that, following an investigation supported by Mandiant security experts, the company closed the access points used by the hacker to breach T-Mobile's network.
Today, T-Mobile's CEO Mike Sievert said that the hackers behind the carrier's latest massive data breach were able to brute force their way through T-Mobile's network after gaining access to testing environments. In 2018, info belonging to millions of T-Mobile customers was accessed by hackers.
Likely inspired by the LockBit ransomware gang, a Nigerian threat actor tried their luck with a $1 million payment lure to recruit an insider to detonate a ransomware payload on the company servers. With introductions no longer needed, the threat actor delivered the ransomware payload and the conversation kept flowing over Telegram, providing insight into the motivation and technical abilities of the scammer.