This time around, weak API security allowed a threat actor to access account information, the mobile phone giant reported.
Follow Dark Reading:
 January 23, 2023
LATEST SECURITY NEWS & COMMENTARY
T-Mobile Breached Again, This Time Exposing 37M Customers' Data
This time around, weak API security allowed a threat actor to access account information, the mobile phone giant reported.
Ransomware Profits Decline as Victims Dig In, Refuse to Pay
Two new reports show ransomware revenues for threat actors dropped sharply in 2022 as more victims ignored ransom demands.
Compromised Zendesk Employee Credentials Lead to Breach
Zendesk has alerted customers to a successful SMS phishing campaign that has exposed "service data," but details remain scarce.
Critical Manufacturing Sector in the Bull's-eye
Serious security flaws go unpatched, and ransomware attacks increase against manufacturers.
The Evolution of Account Takeover Attacks: Initial Access Brokers for IoT
Head off account takeover attacks by being proactive about IoT security. Start with designing and building better security protocols into IoT devices, always change weak default configurations, and regularly apply patches to ensure that IoT devices are secure.
MORE NEWS / MORE COMMENTARY
HOT TOPICS
Attackers Crafted Custom Malware for Fortinet Zero-Day
The "BoldMove" backdoor demonstrates a high level of knowledge of FortiOS, according to Mandiant researchers, who said the attacker appears to be based out of China.

Ethically Exploiting Vulnerabilities: A Play-by-Play
There's a fine line between a hacker and an attacker, but it pays to be proactive. Consider tests by ethical hackers, a red team, or pen testers, and then bolster your company's defenses against malicious attacks.

Name That Toon: Poker Hand
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

MORE
EDITORS' CHOICE
PayPal Breach Exposed PII of Nearly 35K Accounts
The credential-stuffing attack, likely fueled by password reuse, yielded personal identifiable information that can be used to verify the authenticity of previously stolen data.
LATEST FROM THE EDGE

7 Use Cases for Distributed Cloud Environments
As infrastructure has grown more complex, the need to effectively manage it has grown, too – particularly for applications and APIs.
LATEST FROM DR TECHNOLOGY

GPT Emerges as Key AI Tech for Security Vendors
Orca Security is one of the companies integrating conversational AI technology into its products.
WEBINARS
View More Dark Reading Webinars >>
WHITE PAPERS
View More White Papers >>
FEATURED REPORTS
View More Dark Reading Reports >>
PRODUCTS & RELEASES
Roaming Mantis Uses DNS Changers to Target Users via Compromised Public Routers
The Media Industry Is the Most Vulnerable to Cyber Attacks, Report Shows
KnowBe4 to Offer $10,000 Women in Cybersecurity Scholarship and (ISC) 2 Certification Education Package
SynSaber Releases ICS Vulnerabilities & CVEs Report Covering Second Half of 2022
MORE PRODUCTS & RELEASES
CURRENT ISSUE

The Promise and Reality of Cloud Security
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.
Thoughts about this newsletter? Give us feedback.
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.
We take your privacy very seriously. Please review our Privacy Statement.
© 2023  |  Informa Tech  |  Privacy Statement  |  Terms & Conditions  |  Contact Us