A huge phishing campaign has targeted over 130 companies, affecting Twilio and Signal

Jess Weatherbed reports:

Over 130 organizations, including Twilio, DoorDash, and Cloudflare, have been potentially compromised by hackers as part of a months-long phishing campaign nicknamed “0ktapus” by security researchers. Login credentials belonging to nearly 10,000 individuals were stolen by attackers who imitated the popular single sign-on service Okta, according to a report from cybersecurity outfit Group-IB.

Read more at The Verge.

Resource: NY DFS Issues New Cybersecurity Guidance to Address Risks Associated with the Use of Third-Party Service Providers
Bombay High Court Orders Department of Telecommunications to Block Medusa Accounts After Generali Insurance Data Breach
Cyber-Attack On Bectu’s Parent Union Sparks UK National Security Concerns
Attorney General James Announces Settlement with Wojeski & Company Accounting Firm
John Bolton Indictment Provides Interesting Details About Hack of His AOL Account and Extortion Attempt
A business's cyber insurance policy included ransom coverage, but when they needed it, the insurer refused to pay. Why?

Related: