Security News
A threat actor has leaked a database containing the personal information of 442,519 Life360 customers collected by abusing a flaw in the login API. Known only by their 'emo' handle, they said the unsecured API endpoint used to steal the data provided an easy way to verify each impacted user's email address, name, and phone number. According to the threat actor, Life360 has since fixed the API flaw, and additional requests now return a placeholder phone number.
The FBI on Monday revealed it has gained access to a phone it says was used by Thomas Matthew Crooks - the man who shot at and wounded former US president Donald Trump on July 13 in an apparent failed assassination attempt. The bureau hasn't explained how it got into the cellphone, though it is known to have previously acquired capabilities that allow it to access locked devices - and even view encrypted content - despite the use of passwords and/or biometric authentication.
According to AT&T, the threat actor accessed phone call and text message records, including which phone numbers customers interacted with and, in some cases, cell site ID numbers. AT&T first became aware of the attack on April 19 after "a threat actor claimed" to have accessed the data, according to AT&T's SEC filing about the incident.
After first announcing onboard AI in January, Samsung expanded what it's calling the Galaxy AI ecosystem on July 10 at the Galaxy Unpacked event in Paris. Samsung's two newest phones are the Galaxy Z Fold6 and Galaxy Z Flip6, both of which use Google's Gemini AI for translation, creative features and cosmetic changes.
Cloud communications provider Twilio has revealed that unidentified threat actors took advantage of an unauthenticated endpoint in Authy to identify data associated with Authy accounts, including users' cell phone numbers. The development comes days after an online persona named ShinyHunters published on BreachForums a database comprising 33 million phone numbers allegedly pulled from Authy accounts.
Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks. In late June, a threat actor named ShinyHunters leaked a CSV text file containing what they claim are 33 million phone numbers registered with the Authy service.
Multiple owners of Google Pixel 6 series phones have been reporting in the past week that their devices were "Bricked" after they performed a factory reset. The Pixel 6 series, released in late 2021, is approaching the typical upgrade cycle for many original buyers, and issues with the factory reset process have become significantly more impactful.
An open-source Android malware named 'Rafel RAT' is widely deployed by multiple cybercriminals to attack outdated devices, some aiming to lock them down with a ransomware module that demands payment on Telegram. Researchers Antonis Terefos and Bohdan Melnykov at Check Point report detecting over 120 campaigns using the Rafel RAT malware.
An open-source Android malware named 'Ratel RAT' is widely deployed by multiple cybercriminals to attack outdated devices, some aiming to lock them down with a ransomware module that demands payment on Telegram. This proves Ratel RAT is an effective attack tool against an array of different Android implementations.
Today, the Cybersecurity and Infrastructure Security Agency warned that criminals are impersonating its employees in phone calls and attempting to deceive potential victims into transferring money. Those who suspect they're on the receiving end of a scam phone call where a criminal claims to be a CISA employee should never give in to their demands to send money, write down their phone number, and immediately hang up.