A 360° view on tech world
Malicious hackers are getting ever more creative with the techniques they use to break into networks to steal data and wreak havoc, but their primary route for opening that door has remained pretty consistent. Email is by far the most popular entry point for setting up and executing phishing, ransomware and other attack vectors, leading […]
Read more
Reddit has confirmed hackers accessed internal documents and source code following a “highly-targeted” phishing attack. A post by Reddit CTO Christopher Slowe, or KeyserSosa, explained that the company became aware of the “sophisticated” attack targeting Reddit employees on February 5. He says that an as-yet-unidentified attacker sent “plausible-sounding prompts” that redirected employees to a website masquerading as […]
Read more
French startup Riot has raised a $12 million Series A round to iterate on its all-in-one cybersecurity awareness platform for businesses and their employees. The startup originally focused on fake phishing campaigns. It now also offers customized educational content that can help grow the cybersecurity culture in your team. While it is still quite difficult […]
Read more
Hypernative, a crypto security-focused startup, has raised $9 million in seed funding as it emerges from stealth, co-founder and CEO Gal Sagie exclusively told TechCrunch. The funding round was led by boldstart ventures and IBI tech fund, with strategic investments from Blockdaemon, Alchemy, Borderless, CMT Digital, Nexo and angel investors. The company was started by […]
Read more
Cybercriminals are already capitalizing on Twitter’s ongoing verification chaos by sending phishing emails designed to steal the passwords of unwitting users. The phishing email campaign, seen by TechCrunch, attempts to lure Twitter users into posting their username and password on an attacker’s website disguised as a Twitter help form. The email is sent from a […]
Read more
U.S. retail giant Bed, Bath & Beyond has confirmed unauthorized accessed to company data after an employee was phished. In an 8-K filing to the U.S. Securities and Exchange Commission, the home goods retailer said it became aware that an attacker had “improperly accessed” company data after a successful phishing scam targeting an employee in […]
Read more
Fintech startup Revolut has confirmed it was hit by a highly targeted cyberattack that allowed hackers to access the personal details of tens of thousands of customers. Revolut spokesperson Michael Bodansky told TechCrunch that an “unauthorized third party obtained access to the details of a small percentage (0.16%) of our customers for a short period […]
Read more
U.S. messaging giant Twilio has confirmed hackers also compromised the accounts of some Authy users as part of a wider breach of Twilio’s systems. Authy is Twilio’s two-factor authentication (2FA) app it acquired in 2015. Twilio’s breach earlier this month, which saw malicious actors accessing the data of over 100 Twilio customers after successfully phishing […]
Read more
Food delivery giant DoorDash has confirmed a data breach that exposed customers’ personal information. In a blog post shared with TechCrunch ahead of its publication at market close, DoorDash said malicious hackers stole credentials from employees of a third-party vendor that were then used to gain access to some of DoorDash’s internal tools. DoorDash said […]
Read more
The hackers that breached Twilio earlier this month also compromised over 130 organizations during their hacking spree that netted the credentials of close to 10,000 employees. Twilio’s recent network intrusion allowed the hackers access the data of 125 Twilio customers and companies — including end-to-end encrypted messaging app Signal — after tricking employees into handing […]
Read more