InfoSec News Nuggets 7/5/2024

Twilio says hackers identified cell phone numbers of two-factor app Authy users Last week, a hacker claimed to have stolen 33 million phone numbers from U.S. messaging giant Twilio. On Tuesday, Twilio confirmed to TechCrunch that “threat actors” were able to identify the phone number of people who use Authy, a popular two-factor authentication app owned by Twilio. In a post on a well-known hacking forum, the hacker or hackers known as ShinyHunters wrote that…
Read More

InfoSec News Nuggets 08/09/2022

Slack leaked hashed passwords from its servers for years Did Slack send you a password reset link last week? The company has admitted to accidentally exposing the hashed passwords of workspace users. The issue occurred when a user created or revoked a shared invitation link for their workspace. The good news is that the password wasn't plaintext, and it wasn't visible in any Slack clients. The bad news is that it could be picked up by monitoring…
Read More