floofloof@lemmy.ca to Cybersecurity@sh.itjust.worksEnglish · 4 days agoLawsuit says Clorox hackers got passwords simply by askingwww.nbcnews.comexternal-linkmessage-square12fedilinkarrow-up192arrow-down10
arrow-up192arrow-down1external-linkLawsuit says Clorox hackers got passwords simply by askingwww.nbcnews.comfloofloof@lemmy.ca to Cybersecurity@sh.itjust.worksEnglish · 4 days agomessage-square12fedilink
minus-squareonslaught545@lemmy.ziplinkfedilinkEnglisharrow-up20·4 days agoYup, it is. Social engineering is by far the most effective means of gaining unlawful access to any system. Humans are always the weakest link.
minus-squaresugar_in_your_tea@sh.itjust.workslinkfedilinkEnglisharrow-up11·4 days agoExactly. Many breaches follow this pattern: Learn the name and some basic details about the secretary or something Call corporate tech support asking for a password reset claiming to be the secretary Access important stuff since secretaries have a surprising amount of access Replace “secretary” with some other relevant individual who has a surprising amount of access and wouldn’t attract attention.
Yup, it is. Social engineering is by far the most effective means of gaining unlawful access to any system.
Humans are always the weakest link.
Exactly. Many breaches follow this pattern:
Replace “secretary” with some other relevant individual who has a surprising amount of access and wouldn’t attract attention.