IT services outsourcing giant Wipro has been breached and some of its customers have been targeted by attackers as a result. Revealed by cybersecurity journalist Brian Krebs and later confirmed by the company, the attack was what Wipro described as advanced and persistent phishing emails involving “zero-day malware”.
The breach highlights the dangers third parties present, especially consultants that touch important systems for many of the largest companies in the world. In this case, attackers used Wipro’s own systems to launch phishing attacks against its customers.
