When Low-Tech Hacks Cause High-Impact Breaches
Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company…
Bitwarden password vaults targeted in Google ads phishing attack
Bitwarden and other password managers are being targeted in Google ads phishing campaigns to steal users' password vault credentials. [...]
Apple iOS 16.3 arrives with support for hardware security keys
Apple released iOS 16.3 today with long-awaited support for hardware security keys to provide extra protection against phishing attacks and…
Apple rolls out end-to-end encryption for iCloud backups
Apple introduced today Advanced Data Protection for iCloud, a new feature that uses end-to-end encryption to protect sensitive iCloud data, including backups,…
Dropbox Code Repositories Stolen in Cyberattack on GitHub-Based Developers
An attack campaign using phishing attacks gives threat actors access to internal Dropbox code repositories, the latest in a series…
Twilio discloses another hack from June, blames voice phishing
Cloud communications company Twilio disclosed a new data breach stemming from a June 2022 security incident where the same attackers behind the August…
Hackers stealing GitHub accounts using fake CircleCI notifications
GitHub is warning of an ongoing phishing campaign that started on September 16 and is targeting its users with emails…
Windows 10 KB5017380 preview update released with new FIDO2 features
Microsoft has released the optional KB5017380 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2…
MFA Fatigue: Hackers’ new favorite tactic in high-profile breaches
Hackers are more frequently using social engineering attacks to gain access to corporate credentials and breach large networks. One component…
How 1-Time Passcodes Became a Corporate Liability
Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some…