Troy Hunt

NOVEMBER 2, 2019

It's been a pretty full week this one with a couple of talks in Sydney followed by another in Melbourne. Then, to top it all off, getting sick hasn't helped and oh boy did this one hurt.

Passwords 42

Passwords Risk IT Security 42

Security Affairs

AUGUST 29, 2022

“To date, our investigation has identified 163 Twilio customers – out of a total customer base of over 270,000 – whose data was accessed without authorization for a limited period of time, and we have notified all of them.” ” reads an update provided by the company on August 24, 2022.

Access 92

Access Authentication Phishing Communications 92

Krebs on Security

JANUARY 30, 2024

As documented by Group-IB, the group pivoted from its access to Twilio to attack at least 163 of its customers. The vulnerability exploited by the intruders was patched back in 2020, but the employee never updated his Plex software. 0ktapus often leveraged information or access gained in one breach to perpetrate another.

Passwords 311

Passwords Phishing Access Encryption 311

Security Affairs

APRIL 19, 2021

It hosts Safari update packages in the C&C server, then downloads and installs packages for the user’s OS version. The analysis of the latest JavaScript codes from agent.php conducted by the researchers revealed that the malware is able to steal confidential data from the following sites: 163.com Pierluigi Paganini.

Ransomware 109

Ransomware Encryption IT Security 109

IT Governance

JANUARY 30, 2024

We’ve also found 6 organisations providing a significant update on a previously disclosed incident. Source (New) Retail USA Yes 2,588,849 Keenan & Associates Source 1 ; source 2 (Update) Insurance USA Yes 1,509,616 AGC Group Source (New) Manufacturing Japan Yes 1.5 Only 1 definitely hasn’t had data breached.

Data Privacy 52

Data Privacy Retail Privacy Manufacturing 52