Skip to main content

A huge phishing campaign has targeted over 130 companies, including Twilio and Signal

The 0ktapus phishing campaign is one of the best-executed security attacks of this scale to date. | Illustration by Alex Castro / The Verge

Over 130 organizations, including Twilio, DoorDash, and Signal, have been potentially compromised by hackers as part of a months-long phishing campaign nicknamed “0ktapus” by security researchers. Login credentials belonging to nearly 10,000 individuals were stolen by attackers who imitated the popular single sign-on service Okta, according to a report from cybersecurity outfit Group-IB.

Targets were sent text messages that redirected them to a phishing site. As the report from Group-IB states, “From the victim’s point of view, the phishing site looks quite convincing as it is very similar to the authentication page they are used to seeing.” Victims were asked for their username, password, and a two-factor authentication code. This...

Continue reading…



from The Verge - All Posts https://ift.tt/fpbZQU7
Labels:

Comments

Post a Comment

Popular posts from this blog

Pandora Stories lets artists add commentary to their own playlists

Pandora launched Stories today, a tool that lets artists and creators add voice commentary to their own playlists. The Stories feature merges podcasts with music playlists, and is meant for artists to add context to an album, or for podcasters to experiment with new storytelling formats. The feature is part of Pandora AMP, the streaming service’s free Artist Marketing Platform that helps creators promote their work. To kick off the launch, Pandora’s prepared some Stories by artists like John Legend and Daddy Yankee, who tell listeners their personal stories interspersed between their own songs. There’s also a Stories playlist called Love Songs That Aren’t Really Love Songs , which includes commentary on individual songs like a podcast... Continue reading… from The Verge - All Posts https://ift.tt/2Xz1oNc
Post a Comment
Read more

Minneapolis hiring social media influencers for former police officers’ trials

George Floyd died in police custody in May 2020 | Getty Minneapolis is hiring social media influencers to share “city-generated and approved messages” during the trials of four former city police officers charged in the May 2020 killing of George Floyd, according to the Minnesota Reformer . The Minneapolis city council approved the plan on Friday, which calls for six influencers to be paid about $2,000 each to spread the city’s messages with Black, Native American, Hmong, and Latino communities. The goal is to “address/dispel incorrect information” by using “trusted messengers,” part of a program the city refers to as its Joint Information System to share “timely and relevant information” with the public during the trials. “Through the Communications and Neighborhood and Community Relations... Continue reading… from The Verge - All Posts https://ift.tt/3q1AY3x
Post a Comment
Read more

Android Addition Opens FIDO Password Killer to Billions

The FIDO Alliance hammered another nail into the passwords coffin with the announcement that devices running Android 7.0 or higher will be compatible with FIDO2. Certification of Android 7.0+ means devices running those versions of Google's mobile operating system will support FIDO2 out of the box or through a software update. FIDO2, introduced last year, provides a FIDO Web authentication standard that combines the World Wide Web Consortium's Web Authentication specification with FIDO's Client-to-Authenticator protocol. from TechNewsWorld https://ift.tt/2GQVG4f
Post a Comment
Read more