floofloof@lemmy.ca to Cybersecurity@sh.itjust.worksEnglish · 4 days agoLawsuit says Clorox hackers got passwords simply by askingwww.nbcnews.comexternal-linkmessage-square12fedilinkarrow-up192arrow-down10
arrow-up192arrow-down1external-linkLawsuit says Clorox hackers got passwords simply by askingwww.nbcnews.comfloofloof@lemmy.ca to Cybersecurity@sh.itjust.worksEnglish · 4 days agomessage-square12fedilink
minus-squaresugar_in_your_tea@sh.itjust.workslinkfedilinkEnglisharrow-up11·4 days agoExactly. Many breaches follow this pattern: Learn the name and some basic details about the secretary or something Call corporate tech support asking for a password reset claiming to be the secretary Access important stuff since secretaries have a surprising amount of access Replace “secretary” with some other relevant individual who has a surprising amount of access and wouldn’t attract attention.
Exactly. Many breaches follow this pattern:
Replace “secretary” with some other relevant individual who has a surprising amount of access and wouldn’t attract attention.