CyberSec Roundup
A synopsis of the Latest Cybersecurity News

A Very Dirty Hack

ShitExpress, a prank website that allows customers to send animal feces to friends and foes was recently breached by well-known hacker pompompurin. He was on the site as a customer when he noticed it was vulnerable to SQL Injection attacks. Pompompurin proceeded illegitimately to access customer and order information from the website. ShitExpress acknowledged the breach and confirmed that it has been fixed, but says no real harm was done since it is just a prank site.

Cisco Box Breached

Cisco confirmed that they suffered a cyber attack on their corporate network in May, where non-sensitive information from a Box folder was accessed, due to an employee’s compromised account. The Yanluowang ransomware group unsuccessfully tried to extort the company and leaked the stolen files this month. Cisco was able to contain the attack and took steps to harden its system against future attacks.

Twilio Employees fall for Smish

Twilio confirmed its network was breached after some of their employees fell victim to an SMS phishing attack. The threat actors accessed data for 125 Twilio customers for a short period of time before the company revoked the access. Twilio notified all affected customers of the breach.

By: David Pinder
IT & Cybersecurity Consultant
Certified Ethical Hacker (Master)