gbhackers.com
Open in
urlscan Pro
104.21.34.223
Public Scan
URL:
https://gbhackers.com/cisco-duo-data-breach/
Submission: On April 17 via manual from CA — Scanned from CA
Submission: On April 17 via manual from CA — Scanned from CA
Form analysis 4 forms found in the DOM
POST #
<form class="td-login-form-wrap" action="#" method="post">
<div class="td-login-panel-title"><span>Welcome!</span>Log into your account</div>
<div class="td_display_err"></div>
<div class="td-login-inputs"><input class="td-login-input" autocomplete="username" type="text" name="login_email" id="login_email-mob" value="" required=""><label for="login_email-mob">your username</label></div>
<div class="td-login-inputs"><input class="td-login-input" autocomplete="current-password" type="password" name="login_pass" id="login_pass-mob" value="" required=""><label for="login_pass-mob">your password</label></div>
<input type="button" name="login_button" id="login_button-mob" class="td-login-button" value="LOG IN">
<div class="td-login-info-text">
<a href="#" id="forgot-pass-link-mob">Forgot your password?</a>
</div>
<div class="td-login-register-link"></div>
</form>GET https://gbhackers.com/
<form method="get" class="td-search-form" action="https://gbhackers.com/">
<div class="td-search-close">
<span><i class="td-icon-close-mobile"></i></span>
</div>
<div role="search" class="td-search-input">
<span>Search</span>
<input id="td-header-search-mob" type="text" value="" name="s" autocomplete="off">
</div>
</form>GET https://gbhackers.com/
<form method="get" class="tdb-search-form" action="https://gbhackers.com/">
<div class="tdb-search-form-inner"><input class="tdb-head-search-form-input" placeholder=" " type="text" value="" name="s" autocomplete="off"><button class="wpb_button wpb_btn-inverse btn tdb-head-search-form-btn"
type="submit"><span>Search</span></button></div>
</form>Name: mc-embedded-subscribe-form — POST https://gbhackers.us14.list-manage.com/subscribe/post?u=6c205143b8eda9ef337293b61&id=03468a2199&f_id=00d6c2e1f0
<form class="tdn-form" action="https://gbhackers.us14.list-manage.com/subscribe/post?u=6c205143b8eda9ef337293b61&id=03468a2199&f_id=00d6c2e1f0" method="post" name="mc-embedded-subscribe-form" target="_blank">
<div class="tdn-email-bar">
<div class="tdn-input-wrap"><input type="email" aria-label="email" name="EMAIL" placeholder="Your email address" required=""></div>
<div class="tdn-btn-wrap"><button class="tdn-submit-btn" type="submit" name="subscribe">Subscribe</button></div>
</div>
</form>Text Content
Linkedin
Sign in
* Home
* Threats
* Vulnerability
* Cyber AI
* Cyber Tools
* Data Breach
* Top 10
* What is
Sign in
Welcome!Log into your account
your username
your password
Forgot your password?
Password recovery
Recover your password
your email
Search
GBHackers On SecurityTrusted Cyber Security News Platform
Wednesday, April 17, 2024
* Home
* Threats
* Vulnerability
* Cyber AI
* Cyber Tools
* Data Breach
* Top 10
* What is
Linkedin
Twitter
GBHackers On SecurityTrusted Cyber Security News Platform
* Home
* Threats
* THREATS
WHAT IS GLOBAL THREAT INTELLIGENCE? – SOC/DFIR TEAM GUIDE
Cyber Security News
NEW ACOUSTIC KEYBOARD SIDE CHANNEL ATTACK LET ATTACKERS STEAL SENSITIVE
DATA
cyber security
RA WORLD RANSOMWARE ATTACK WINDOWS USING HACKED DOMAIN CONTROL & ANTI-AV
TACTICS
Cyber Security News
AMOS MACOS STEALER STEALS PARTICULAR FILES ON THE SYSTEM & BROWSER DATA
Cyber Security News
NEW MALICIOUS PYPI PACKAGES USE DLL SIDELOADING IN A SUPPLY CHAIN ATTACK
* Vulnerability
* Cyber Security News
CONNECT:FUN ATTACKING ORGANIZATIONS RUNNING FORTINET’S FORTICLIENT EMS
cyber security
CRITICAL RUST VULNERABILITY LET HACKERS INJECT COMMANDS ON WINDOWS SYSTEMS
Cyber Security News
NEW SHAREPOINT TECHNIQUE LETS HACKERS BYPASS SECURITY MEASURES
CVE/vulnerability
HTTP/2 VULNERABILITY LET HACKERS LAUNCH DOS ATTACKS ON WEB SERVERS
CVE/vulnerability
MULTIPLE CDATA VULNERABILITIES LET ATTACKERS BYPASS SECURITY RESTRICTIONS
* Cyber AI
* Cyber AI
NSA, CISA & FBI RELEASED BEST PRACTICES FOR AI SECURITY DEPLOYMENT 2024
Cyber AI
ZOOM UNVEILS AI-POWERED ALL-IN-ONE AI WORK WORKPLACE
Cyber AI
HACKERS ACTIVELY EXPLOITING RAY AI FRAMEWORK FLAW TO HACK THOUSANDS OF
SERVERS
Cyber AI
HACKERS SELLING GLORYSPROUT MALWARE WITH ANTI-VM FEATURES IN UNDERGROUND
FOURM FOR $300
Cyber AI
DARKGPT – A CHATGPT-4 POWERED OSINT TOOL TO DETECT LEAKED DATABASES
* Cyber Tools
* Data Breach
* Cyber Crime
INC RANSOM GROUP EXFILTRATES DATA BEFORE ENCRYPTING & THREATENS PUBLIC
EXPOSURE
Cyber Security News
LIGHTSPY HACKERS TARGET INDIAN APPLE DEVICE USERS TO STEAL SENSITIVE DATA
cyber security
CISCO DUO DATA BREACH: HACKERS STOLEN VOIP & SMS FOR MFA
Cyber Security News
SISENCE DATA BREACH, CISA URGES TO RESET LOGIN CREDENTIALS
cyber security
TAXI APP VENDOR DATA LEAK: 300K PASSENGERS DATA EXPOSED
* Top 10
* Checklist
WEB SERVER PENETRATION TESTING CHECKLIST – 2024
Network Pentesting
50+ NETWORK PENETRATION TESTING TOOLS FOR HACKERS & SECURITY PROFESSIONALS
– 2024
Business
10 PROMINENT CYBERSECURITY ACQUISITIONS OF 2023
Top 10
10 BEST UNIFIED ENDPOINT MANAGEMENT TOOLS – 2024
Top 10
TOP 5 KUBERNETES VULNERABILITIES – 2023
* What is
* Cyber Attack
CLIENT-SIDE EXPLOITATION: POISONING WEBDAV+URL+LNK TO DELIVER MALICIOUS
PAYLOADS
Penetration Testing
EXPLORING HOW PENETRATION TESTS ARE CLASSIFIED – PENTESTING ASPIRANT GUIDE
2024
Cyber Attack
5 MAJOR PHISHING CAMPAIGNS IN MARCH 2024
Malware
HOW TO ANALYSE .NET MALWARE? – REVERSE ENGINEERING SNAKE KEYLOGGER
THREATS
WHAT IS GLOBAL THREAT INTELLIGENCE? – SOC/DFIR TEAM GUIDE
Search
CISCO DUO DATA BREACH: HACKERS STOLEN VOIP & SMS FOR MFA
April 16, 2024
By Divya
Cisco’s Duo Security, a leading multi-factor authentication (MFA) service, has
suffered a significant data breach.
The April 1, 2024, incident involved unauthorized access to telephony data used
for MFA purposes.
The breach was produced through a sophisticated phishing attack that compromised
a telephony provider’s employee credentials.
The attackers exploited this access to download a set of MFA SMS message logs
associated with Duo accounts.
These logs contained sensitive information, including phone numbers, carriers,
and the geographical location of the messages sent between March 1, 2024, and
March 31, 2024.
Although the message content was not accessed, the breach still poses a
significant privacy concern for users.
Document
Stop Advanced Phishing Attack With AI
AI-POWERED PROTECTION FOR BUSINESS EMAIL SECURITY
Trustifi’s Advanced threat protection prevents the widest spectrum of
sophisticated attacks before they reach a user’s mailbox. Stopping 99% of
phishing attacks missed by other email security solutions. .
Try Free Demo
The exposed metadata could potentially be used for targeted phishing campaigns
or to undermine the integrity of MFA systems by intercepting or redirecting
messages.
SECURITY MEASURES
Upon discovering the breach, the telephony provider, whose identity has not been
disclosed, took immediate action to contain the incident.
The compromised credentials were invalidated to prevent further unauthorized
access.
The provider also conducted a thorough analysis of activity logs to understand
the scope of the breach.
The provider has begun implementing additional technical safeguards to bolster
security and prevent future incidents.
These measures are designed to fortify defenses against social engineering
attacks, increasingly becoming a vector for cyber threats.
The provider has responded proactively, notifying Cisco of the breach and
committing to an ongoing investigation.
They have also taken steps to educate their employees on social engineering
risks, mandating additional training to raise awareness and improve resilience
against such attacks.
Cisco has communicated transparently with affected customers, offering to
provide copies of the message logs obtained by the threat actor upon request.
DeepBlue Security and Intelligence recently tweeted that Cisco Duo has issued a
warning about a third-party data breach that exposed SMS MFA logs.
ACTION FOR AFFECTED USERS
In light of the breach, Cisco urges all affected customers to notify their users
promptly.
Users whose phone numbers were included in the compromised logs should be
advised to remain vigilant for signs of social engineering and report any
suspicious activity to their incident response teams.
Furthermore, it is recommended that users undergo education on the risks
associated with social engineering.
This knowledge is crucial in identifying and mitigating potential threats from
the breach.
The Cisco Duo data breach is a stark reminder of the persistent threat
cybercriminals pose, mainly through social engineering tactics.
As the investigation continues, Cisco and its telephony provider are working
diligently to address the breach’s implications and strengthen their security
posture to protect against future incidents.
Looking to Safeguard Your Company from Advanced Cyber Threats?
Deploy TrustNet to Your Radar ASAP.
* Tags
* Cyber Security News
* Data Breach
MANAGED WAF PROTECTION
LATEST ARTICLES
cyber security
CERBER LINUX RANSOMWARE EXPLOITS ATLASSIAN SERVERS TO TAKE FULL CONTROL
Security researchers at Cado Security Labs have uncovered a new variant of the
Cerber...
April 17, 2024
CVE/vulnerability
FGVULDET – NEW VULNERABILITY DETECTOR TO ANALYZE SOURCE CODE
Detecting source code vulnerabilities aims to protect software systems from
attacks by identifying inherent...
April 17, 2024
Cyber Crime
NORTH KOREAN HACKERS ABUSE DMARC TO LEGITIMIZE THEIR EMAILS
DMARC is targeted by hackers as this serves to act as a preventative measure...
April 17, 2024
Cyber Security News
L00KUPRU RANSOMWARE ATTACKERS DISCOVERED IN THE WILD
A new variant of the Xorist ransomware, dubbed L00KUPRU, has been discovered in
the...
April 17, 2024
Computer Security
ORACLE RELEASES BIGGEST SECURITY UPDATE IN 2024 – 372 VULNERABILITIES ARE FIXED
– UPDATE NOW!
Oracle has released its April 2024 Critical Patch Update (CPU), addressing 372
security vulnerabilities...
April 17, 2024
cyber security
OUTLOOK LOGIN PANEL THEMED PHISHING ATTACK EVADED ALL ANTIVIRUS DETECTIONS
Cybersecurity researchers have uncovered a new phishing attack that has bypassed
all antivirus detections.The...
April 17, 2024
Cyber Security News
CISCO WARNS OF MASSIVE BRUTE-FORCE ATTACKS TARGETING VPNS & SSH SERVICES
Hackers use brute-force attacks since it is an uncomplicated technique to break
passwords or...
April 17, 2024
FacebookFacebook
InstagramInstagram
LinkedinLinkedin
TwitterTwitter
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats,
Breaches, Vulnerabilities and other happenings in the cyber world.
WAAP/WAF ROI ANALYSIS
MASTERING WAAP/WAF ROI ANALYSIS
As the importance of compliance and safeguarding critical websites and APIs
grows, Web Application and API Protection (WAAP) solutions play an integral
role.
Key takeaways include:
* Pricing models
* Cost Estimation
* ROI Calculation
Book Your Spot
RELATED ARTICLES
CERBER LINUX RANSOMWARE EXPLOITS ATLASSIAN SERVERS TO TAKE FULL CONTROL
FGVULDET – NEW VULNERABILITY DETECTOR TO ANALYZE SOURCE CODE
NORTH KOREAN HACKERS ABUSE DMARC TO LEGITIMIZE THEIR EMAILS
L00KUPRU RANSOMWARE ATTACKERS DISCOVERED IN THE WILD
ORACLE RELEASES BIGGEST SECURITY UPDATE IN 2024 – 372 VULNERABILITIES ARE...
CONNECT WITH GBHACKERS ON SECURITY
JOIN 70,000 SECURITY PROFESSIONALS
Stay safe online with free daily cybersecurity updates. Sign up now!
Subscribe
GBHackers on security is a highly informative and reliable Cyber Security News
platform that provides the latest and most relevant updates on Cyber Security
News, Hacking News, Technology advancements, and Kali Linux tutorials on a daily
basis. The platform is dedicated to keeping the community well-informed and
up-to-date with the constantly evolving Cyber World.
MENU
* Home
* Threats
* Vulnerability
* Cyber AI
* Cyber Tools
* Data Breach
* Top 10
* What is
Linkedin
Twitter
CONTACT US:
Email : admin@gbhackers.com