Oktapus Phishing for MFA Hits 130 Organizations - ThreatWire (Patreon)

LastPass was hacked, again! Lockdown Mode fingerprinting, and Oktapus fishes for MFA! All that coming up now on ThreatWire. #threatwire #hak5

Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering cybersecurity topics for network admins, information security professionals, and consumers.

Watch this on youtube (video may be “private” until the scheduled publish time): https://youtu.be/NW2Ckgttkjs

ThreatWire Totem Board - Limited Edition! - https://snubsie.com/threatwire-products/tw-totem 

Shop ThreatWire Merch on Teespring! - https://morsecode.creator-spring.com/ 

Support ThreatWire!  https://www.patreon.com/threatwire 

Follow Shannon on Social Media: https://snubsie.com/links 

Chapters:

0:00 LastPass Was Hacked… Again!

2:02 Lockdown Mode Fingerprinting

5:07 Oktapus Phishing for MFA

Links:

Links:

https://blog.lastpass.com/2022/08/notice-of-recent-security-incident/

https://www.bleepingcomputer.com/news/security/lastpass-developer-systems-hacked-to-steal-source-code/

https://thehackernews.com/2022/08/hackers-breach-lastpass-developer.html

https://www.vice.com/en/article/k7b7xa/hacker-steals-lastpass-source-code-company-says

https://www.vice.com/en/article/88qnag/apple-announces-extreme-privacy-mode-for-targets-of-government-spyware

https://www.vice.com/en/article/epzpb4/websites-can-identify-if-youre-using-iphones-new-lockdown-mode

https://crypt.ee/ios-lockdown-mode-test

https://www.apple.com/newsroom/2022/07/apple-expands-commitment-to-protect-users-from-mercenary-spyware/

https://www.bleepingcomputer.com/news/security/twilio-hackers-hit-over-130-orgs-in-massive-okta-phishing-attack/

https://www.bleepingcomputer.com/news/security/okta-one-time-mfa-passcodes-exposed-in-twilio-cyberattack/

https://www.bleepingcomputer.com/news/security/twilio-discloses-data-breach-after-sms-phishing-attack-on-employees/

https://threatpost.com/0ktapus-victimize-130-firms/180487/

https://thehackernews.com/2022/08/okta-hackers-behind-twilio-and.html

https://www.group-ib.com/media/0ktapus-campaign/

https://arstechnica.com/information-technology/2022/08/phishers-who-hit-twilio-and-cloudflare-stole-10k-credentials-from-136-others/

https://arstechnica.com/information-technology/2022/08/the-number-of-companies-caught-up-in-the-twilio-hack-keeps-growing/

https://www.bleepingcomputer.com/news/security/doordash-discloses-new-data-breach-tied-to-twilio-hackers/

https://www.bleepingcomputer.com/news/security/twilio-breach-let-hackers-gain-access-to-authy-2fa-accounts/

https://thehackernews.com/2022/08/twilio-breach-also-compromised-authy.html

Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Our Site → https://www.hak5.org

Shop →  http://hakshop.myshopify.com/

Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1

Support → https://www.patreon.com/threatwire

Contact Us → http://www.twitter.com/hak5

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

____________________________________________

Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.