2fa
100 MILLION Americans in UnitedHealth PII Breach
Not cute: $UNH’s Change Healthcare unit paid a big ransom—its IT was as weak as a kitten ...
Cybersecurity Insights with Contrast CISO David Lindner | 9/6/24
Insight #1: SQL injection baffles airport security You mean to say that SQL Injection is still a problem? How many more of these have to happen before we realize there are control layers ...
Cybersecurity Insights with Contrast CISO David Lindner | 8/30/24
Insight #1: North Korean IT spies The threat of state-sponsored cyber espionage is real and evolving. Recent reports reveal North Korean IT professionals are using stolen identities and advanced tactics to infiltrate ...
Cybersecurity Insights with Contrast CISO David Lindner | 7/19/24
Insight #1 It's been a while since I reminded everyone that one of the single greatest controls to implement to prevent account compromise is multifactor authentication (MFA). Do it today! ...
Authy Breach: What It Means for You, RockYou 2024 Password Leak
In episode 338, we discuss the recent breach of the two-factor authentication provider Authy and its implications for users. We also explore a massive password list leak titled ‘Rock You 2024’ that ...
AT&T Says 110M Customers’ Data Leaked — Yep, it’s Snowflake Again
Should’ve used MFA: $T loses yet more customer data—this time, from almost all of them ...
‘Russia’ Breaches TeamViewer — ‘No Evidence’ Billions of Devices at Risk
SolarWinds hackers strike again: Remote access service hacked—by APT29, says TeamViewer ...
Ticketmaster is Tip of Iceberg: 165+ Snowflake Customers Hacked
Not our fault, says CISO: “UNC5537” breached at least 165 Snowflake instances, including Ticketmaster, LendingTree and, allegedly, Advance Auto Parts ...
SIM Swappers Try Bribing T-Mobile and Verizon Staff $300
Not OK: SMS 2FA — Widespread spam targets carrier employees, as scrotes try harder to evade two-factor authentication ...
Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones
Rethink different: First, fatigue frightened users with multiple modal nighttime notifications. Next, call and pretend to be Apple support ...
