Twilio Hackers Breached Over 130 Organizations During Months-Long Hacking Spree (techcrunch.com)
The hackers that breached Twilio earlier this month also compromised more than 130 other organizations during their hacking spree that netted the credentials of close to 10,000 employees. TechCrunch: Twilio's recent network intrusion allowed the hackers to access the data of 125 Twilio customers and companies -- including end-to-end encrypted messaging app Signal -- after tricking employees into handing over their corporate login credentials and two-factor codes from SMS phishing messages that purported to come from Twilio's IT department. At the time, TechCrunch learned of phishing pages impersonating other companies, including a U.S. internet company, an IT outsourcing company and a customer service provider, but the scale of the campaign remained unclear.
Now, cybersecurity company Group-IB says the attack on Twilio was part of a wider campaign by the hacking group it's calling "0ktapus," a reference to how the hackers predominantly target organizations that use Okta as a single sign-on provider. Group-IB, which launched an investigation after one of its customers was targeted by a linked phishing attack, said in findings shared with TechCrunch that the vast majority of the targeted companies are headquartered in the U.S. or have U.S.-based staff. The attackers have stolen at least 9,931 user credentials since March, according to Group-IB's findings, with more than half containing captured multi-factor authentication codes used to access a company's network.
So all of The XaaS companies (Score:2)
are more like aSS
Re: (Score:2)
I'd avoid saying "all" of them are junk.
When are people going to learn (Score:4, Interesting)
Their business is structured to make the most profit from you that they can while providing the lowest level service.
This means:
They hire the cheapest employees they can get and treat them like crap.
No corner is left uncut.
The contract that you have to sign, if truly read and interpreted, removes them from virtually all legal liability.
They are as sloppy as they can get in terms of security, customer service, and honesty.
They will monetize any information which they can extract from your organization as a matter of policy.
There is no such thing as a free lunch.
There is no honor among thieves.
All of the above goes double if the service is "free."
Re: (Score:3)
And get the outsourcing manager a higher quarterly bonus.
Incentives matter.
Re: (Score:3)
So why don't you show us your computer you designed, built and constructed from sand, your car you made from iron ore, the steps you go through to gather your food, etc?
After all, you probably outsourced your car to Ford, GM, or other company. You outsourced your food to the supermarket and to the food producers. You outsourced your computer to the manufacturer who outsourced the parts from Samsung, Intel, AMD, etc.
Your company outsourced the building they're in to the property management company, everyone ou
Re: (Score:2)
Consequences (Score:2)
So what happens to us, customers of the 130 companies? Have they investigated the breach on their end? Is there any information about cascading consequences, such as end user account credential leaks? I haven't seen any mention of this hack on Signal's blog [signal.org] for example.