#helpdesksecurity — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #helpdesksecurity, aggregated by home.social.
-
Attackers don’t always need to defeat MFA.
Aaron Painter, CEO at Nametag, explains why help desks and account recovery workflows have become prime targets for social engineering attacks.🪪 Identity verification should become a security layer of its own, rather than a support process.
🪪 Enterprises need ways to verify who is contacting the help desk, not just whether the account exists.
🪪 Recovery workflows, escalations, and exception handling need dedicated security controls.#AskTheExperts #IdentitySecurity #HelpDeskSecurity #CyberSecurity
-
Attackers don’t always need to defeat MFA.
Aaron Painter, CEO at Nametag, explains why help desks and account recovery workflows have become prime targets for social engineering attacks.🪪 Identity verification should become a security layer of its own, rather than a support process.
🪪 Enterprises need ways to verify who is contacting the help desk, not just whether the account exists.
🪪 Recovery workflows, escalations, and exception handling need dedicated security controls.#AskTheExperts #IdentitySecurity #HelpDeskSecurity #CyberSecurity
-
Attackers don’t always need to defeat MFA.
Aaron Painter, CEO at Nametag, explains why help desks and account recovery workflows have become prime targets for social engineering attacks.🪪 Identity verification should become a security layer of its own, rather than a support process.
🪪 Enterprises need ways to verify who is contacting the help desk, not just whether the account exists.
🪪 Recovery workflows, escalations, and exception handling need dedicated security controls.#AskTheExperts #IdentitySecurity #HelpDeskSecurity #CyberSecurity
-
Attackers don’t always need to defeat MFA.
Aaron Painter, CEO at Nametag, explains why help desks and account recovery workflows have become prime targets for social engineering attacks.🪪 Identity verification should become a security layer of its own, rather than a support process.
🪪 Enterprises need ways to verify who is contacting the help desk, not just whether the account exists.
🪪 Recovery workflows, escalations, and exception handling need dedicated security controls.#AskTheExperts #IdentitySecurity #HelpDeskSecurity #CyberSecurity
-
Password Resets Expose Vulnerability in Corporate Security
Did you know that password resets can cost companies a whopping $70 each, and with stolen credentials involved in nearly 45% of breaches, it's clear that corporate security is vulnerable to attack.
#PasswordResets #CredentialTheft #SelfservicePasswordReset #Sspr #HelpdeskSecurity
-
A new Clorox lawsuit shows that our biggest security risk remains people, not technology. Attackers from Scattered Spider simply phoned the the Clorox helpdesk run by Cognizant and just asked them for passwords.... and they gave them up! Hackers didn't need deep tech skills, just weak verification from Cognizant. 🤬
TL;DR
⚠️ Attackers phoned in to get passwords with no checks
🔐 Lack of identity verification is a major failure point
🛠️ Companies must tighten help desk protocols and training
📌 Liability can ripple far beyond breach response costshttps://www.reuters.com/legal/government/lawsuit-says-clorox-hackers-got-passwords-simply-by-asking-2025-07-22/
#cybersecurity #socialengineering #helpdesksecurity #riskmanagement #security #privacy #cloud #infosec #3rdPartyRisk #OutsourcingFail -
A new Clorox lawsuit shows that our biggest security risk remains people, not technology. Attackers from Scattered Spider simply phoned the the Clorox helpdesk run by Cognizant and just asked them for passwords.... and they gave them up! Hackers didn't need deep tech skills, just weak verification from Cognizant. 🤬
TL;DR
⚠️ Attackers phoned in to get passwords with no checks
🔐 Lack of identity verification is a major failure point
🛠️ Companies must tighten help desk protocols and training
📌 Liability can ripple far beyond breach response costshttps://www.reuters.com/legal/government/lawsuit-says-clorox-hackers-got-passwords-simply-by-asking-2025-07-22/
#cybersecurity #socialengineering #helpdesksecurity #riskmanagement #security #privacy #cloud #infosec #3rdPartyRisk #OutsourcingFail -
A new Clorox lawsuit shows that our biggest security risk remains people, not technology. Attackers from Scattered Spider simply phoned the the Clorox helpdesk run by Cognizant and just asked them for passwords.... and they gave them up! Hackers didn't need deep tech skills, just weak verification from Cognizant. 🤬
TL;DR
⚠️ Attackers phoned in to get passwords with no checks
🔐 Lack of identity verification is a major failure point
🛠️ Companies must tighten help desk protocols and training
📌 Liability can ripple far beyond breach response costshttps://www.reuters.com/legal/government/lawsuit-says-clorox-hackers-got-passwords-simply-by-asking-2025-07-22/
#cybersecurity #socialengineering #helpdesksecurity #riskmanagement #security #privacy #cloud #infosec #3rdPartyRisk #OutsourcingFail -
A new Clorox lawsuit shows that our biggest security risk remains people, not technology. Attackers from Scattered Spider simply phoned the the Clorox helpdesk run by Cognizant and just asked them for passwords.... and they gave them up! Hackers didn't need deep tech skills, just weak verification from Cognizant. 🤬
TL;DR
⚠️ Attackers phoned in to get passwords with no checks
🔐 Lack of identity verification is a major failure point
🛠️ Companies must tighten help desk protocols and training
📌 Liability can ripple far beyond breach response costshttps://www.reuters.com/legal/government/lawsuit-says-clorox-hackers-got-passwords-simply-by-asking-2025-07-22/
#cybersecurity #socialengineering #helpdesksecurity #riskmanagement #security #privacy #cloud #infosec #3rdPartyRisk #OutsourcingFail -
A new Clorox lawsuit shows that our biggest security risk remains people, not technology. Attackers from Scattered Spider simply phoned the the Clorox helpdesk run by Cognizant and just asked them for passwords.... and they gave them up! Hackers didn't need deep tech skills, just weak verification from Cognizant. 🤬
TL;DR
⚠️ Attackers phoned in to get passwords with no checks
🔐 Lack of identity verification is a major failure point
🛠️ Companies must tighten help desk protocols and training
📌 Liability can ripple far beyond breach response costshttps://www.reuters.com/legal/government/lawsuit-says-clorox-hackers-got-passwords-simply-by-asking-2025-07-22/
#cybersecurity #socialengineering #helpdesksecurity #riskmanagement #security #privacy #cloud #infosec #3rdPartyRisk #OutsourcingFail