Security News
Google, Apple, Microsoft promise end to passwords, courtesy of your mobile phone. A future without passwords may be closer than we think, at least when a new initiative to enlist your smartphone as a mobile authenticator gets off the ground.
T-Mobile hit by data breaches from Lapsus$ extortion group. T-Mobile was the victim of a series of data breaches carried out by the Lapsus$ cybercrime group in March.
The company added that it has mitigated the breach by terminating the hacker's group access to its network and disabled the stolen credentials that were used in the breach. Using these credentials Lapsus$ members can get access to the company's internal tools like - Atlas an internal T-Mobile tool for managing customer accounts.
Telecom company T-Mobile on Friday confirmed that it was the victim of a security breach in March after the LAPSUS$ mercenary gang managed to gain access to its networks. "T-Mobile, in a statement, said that the incident occurred"several weeks ago, with the "Bad actor" using stolen credentials to access internal systems.
T-Mobile has confirmed that the Lapsus$ extortion gang breached its network "Several weeks ago" using stolen credentials and gained access to internal systems. Per T-Mobile, the Lapsus$ hackers didn't steal sensitive customer or government information during the incident.
It's important to understand that passwords are not passports. Using biometrics, which is a great security advancement, is not the same as identity, says Leonard Navarro, VP of Business Development at Nametag.
As businesses reopen for the first time in more than two years, companies are reassessing their mobile technology policies. A new study conducted by Samsung and Oxford Economics examines the impact of BYOD and employer-provided device strategies on small and midsize businesses.
An ongoing phishing campaign targets T-Mobile customers with malicious links using unblockable texts sent via SMS group messages. The New Jersey Cybersecurity & Communications Integration Cell issued a warning after multiple customers have filed reports of being targeted by this new SMS phishing campaign.
The United Stations Federal Communications Commission has labelled Kaspersky, China Mobile, and China Telecom as threats to national security. Kaspersky is the first non-Chinese company to be added to the FCC's list, but the agency did not tie its decision to Russia's illegal invasion of Ukraine.
Social engineering attacks leveraging a combination of romantic lures and cryptocurrency fraud have been luring unsuspecting victims into installing fake apps by taking advantage of legitimate iOS features like TestFlight and Web Clips. "This style of cyber-fraud, known as sha zhu pan - literally 'pig butchering plate' - is a well-organized, syndicated scam operation that uses a combination of often romance-centered social engineering and fraudulent financial applications and websites to ensnare victims and steal their savings after gaining their confidence," Sophos analyst Jagadeesh Chandraiah said in a report published last week.