wp-plugin-hostgator
domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init
action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home4/scienrds/scienceandnerds/wp-includes/functions.php on line 6114ol-scrapes
domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init
action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home4/scienrds/scienceandnerds/wp-includes/functions.php on line 6114Source: https:\/\/www.theverge.com\/2022\/8\/8\/23296923\/twilio-data-breach-phishing-campaign-employees-targeted<\/a> Digital communication platform Twilio was hacked after a phishing campaign tricked its employees into revealing their login credentials (via TechCrunch<\/em><\/a>). The company disclosed the data breach in a post on its blog<\/a>, noting that only \u201ca limited number\u201d of customer accounts were affected by the attack. Twilio allows web services to send SMS messages and place voice calls over telephone networks and is used by companies including Uber, Twitter, and Airbnb.<\/p>\n The hack occurred on August 4th and involved a bad actor sending SMS messages to Twilio employees that asked them to reset their password or alerted them to a change in their schedule. Each message included a link with keywords, like \u201cTwilio,\u201d \u201cSSO\u201d (single sign-on), and \u201cOkta,\u201d the name of the user authentication service used by many companies. The link directed employees to a page that mimicked a real Twilio sign-in page, allowing hackers to collect the information employees inputted there.<\/p>\n After it became aware of the breach, Twilio worked with US phone carriers to shut down the SMS scheme and also had web hosting platforms take down the phony sign-in pages. Despite this, Twilio says that hackers managed to swap to new hosting providers and mobile carriers to continue their campaign.<\/p>\n \u201cBased on these factors, we have reason to believe the threat actors are well-organized, sophisticated and methodical in their action,\u201d Twilio adds. \u201cSocially engineered attacks are \u2014 by their very nature \u2014 complex, advanced, and built to challenge even the most advanced defenses.\u201d<\/p>\n Twilio\u2019s working with law enforcement to find out who\u2019s responsible for the campaign and says it also heard from companies that \u201cwere subject to similar attacks.\u201d Twilio has since shut down access to the compromised employee accounts and will also alert any customers affected by the breach.<\/p>\n Social engineering is becoming an increasingly common tactic for hackers. Earlier this year, a report from Bloomberg<\/em> revealed that both Apple and Meta shared data with hackers pretending to be law enforcement officials<\/a>. Last year, a hacker tricked a Robinhood customer service representative<\/a> into disclosing the information of over 7 million customers.<\/p>\n<\/div>\n
\n
<\/br><\/code><\/p>\n