In the last few days, the encrypted messaging platform, ‘Signal’ confirmed a variety of their customers fell victim to the phishing attack on Twilio. It is estimated that 1,900 were affected by the breach via phone number and SMS verification links to “reset passwords” on a phony Twilio link. By posing as Twilio’s IT dept, the hackers were able to obtain victim’s login credentials. Unfortunately, it is still unclear who was behind this attack. Cloudflare also revealed they were subjected to a phishing attack around the very same time as Twilio, but was not breached as an end result owing to the corporation-vast use of hardware-centered, FIDO2-compliant multi-factor authentication (MFA) keys.
MORE FIDO in the News
Tagesspiegel Background: Man against machine against man
The goal of cybersecurity should not be to become better...December 8, 2023
IT Pro: Passkeys, a passwordless authentication solution supported by major tech companies, provide a secure alternative using public key cryptography
Built on the WebAuthentication standard, they eliminate traditional password challenges....
WSJ: 23andMe Hack Is a Wake-Up Call for Your Password Habits
The recent 23andMe breach, exposing personal information belonging to 6.9...