Mailchimp slips up again, suffers security breach after falling on social engineering banana skin • Graham Cluley


Email newsletter service Mailchimp has been put in the embarrassing position of admitting to its second data breach in less than a year.

According to Mailchimp, a social engineering attack successfully tricked Mailchimp employees and contractors into giving up their login credentials. The hackers then used those credentials to access 133 Mailchimp customer accounts.

Mailchimp said it contacted all affected account holders on January 12, less than 24 hours after the security breach was discovered.


One of Mailchimp’s customers that appeared to be affected was WooCommerce, the maker of a popular WordPress plugin for companies that run online stores.

[Image: WooCommerce email warning subscribers that Mailchimp has been compromised]

WooCommerce has reached out to affected users to warn them that some of their personal information has been exposed:

  • Name
  • Online store URL
  • Address
  • Email address

Such information could obviously be misused by an attacker, for instance in a phishing attack. No doubt WooCommerce and other Mailchimp users are less than pleased that Mailchimp's own security mistake has put their customers at risk.

Mailchimp is no stranger to security breaches.

In March 2022, Mailchimp discovered that attackers had gained access to internal tools used by its customer support teams, and were able to access 300 customer accounts and steal subscriber data from 102 of them.

On that occasion, Mailchimp customers in the cryptocurrency and financial sectors found their accounts targeted, giving scammers the opportunity to send convincing (but malicious) emails to unsuspecting newsletter subscribers.

Then, as in the latest breach, the attackers used social engineering to trick Mailchimp workers into handing over their login credentials.

Mailchimp appears to have acted relatively quickly in this case, but I'm not sure it has taken enough steps to lock down access to its internal tools and ensure that only genuinely authorised people can use them. There will undoubtedly be questions about that.



Graham Cluley is a veteran of the antivirus industry and has worked for a number of security companies since the early 1990s, when he wrote the first version of Dr Solomon's Anti-Virus Toolkit for Windows. He is now an independent security analyst, makes regular media appearances and speaks internationally on computer security, hackers and online privacy. Follow him on Twitter at @gcluley, on Mastodon at @[email protected], or drop him an email.


