Feds Charge Five Men in ‘Scattered Spider’ Roundup

Credit to Author: BrianKrebs| Date: Thu, 21 Nov 2024 20:13:08 +0000

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass, MailChimp, Okta, T-Mobile and Twilio.

Read more

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Credit to Author: BrianKrebs| Date: Sat, 15 Jun 2024 23:40:20 +0000

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years.

Read more

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Credit to Author: BrianKrebs| Date: Tue, 30 Jan 2024 19:07:18 +0000

On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022.

Read more

A week in security (January 16—22)

Categories: News

Tags: Google

Tags: Rust

Tags: Chromium

Tags: Mailchimp

Tags: SweepWizard

Tags: bossware

Tags: TikTok

Tags: surveillance firm

Tags: Voyager Labs

Tags: TracketPacer

Tags: Facebook

Tags: Instagram

Tags: Vice Society

Tags: Liquor Control Board of Ontario

Tags: Zoho ManageEngine

Tags: GitHub

Tags: LastPass

Tags: Git flaw

Tags: ransomware

Tags: credit card fraud

The most interesting security related news from the week of January 16-22.

(Read more…)

The post A week in security (January 16—22) appeared first on Malwarebytes Labs.

Read more

How 1-Time Passcodes Became a Corporate Liability

Credit to Author: BrianKrebs| Date: Tue, 30 Aug 2022 14:53:39 +0000

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices.

Read more

Twilio data breach turns out to be more elaborate than suspected

Categories: News

Tags: twilio

Tags: okta

Tags: Authy

Tags: Signal

Tags: Cloudflare

Tags: MailChimp

Tags: Klaviyo

Tags: scatter swine

Tags: oktapus

Tags: 2fa

Tags: otp

Even if you don’t know a thing about Twilio, you may have been affected by their data breach.

(Read more…)

The post Twilio data breach turns out to be more elaborate than suspected appeared first on Malwarebytes Labs.

Read more