home.social

#helpdesksecurity — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #helpdesksecurity, aggregated by home.social.

fetched live
  1. Attackers don’t always need to defeat MFA.
    Aaron Painter, CEO at Nametag, explains why help desks and account recovery workflows have become prime targets for social engineering attacks.

    🪪 Identity verification should become a security layer of its own, rather than a support process.
    🪪 Enterprises need ways to verify who is contacting the help desk, not just whether the account exists.
    🪪 Recovery workflows, escalations, and exception handling need dedicated security controls.

    Read more:
    technadu.com/new-identity-batt

    #AskTheExperts #IdentitySecurity #HelpDeskSecurity #CyberSecurity

  2. Attackers don’t always need to defeat MFA.
    Aaron Painter, CEO at Nametag, explains why help desks and account recovery workflows have become prime targets for social engineering attacks.

    🪪 Identity verification should become a security layer of its own, rather than a support process.
    🪪 Enterprises need ways to verify who is contacting the help desk, not just whether the account exists.
    🪪 Recovery workflows, escalations, and exception handling need dedicated security controls.

    Read more:
    technadu.com/new-identity-batt

    #AskTheExperts #IdentitySecurity #HelpDeskSecurity #CyberSecurity

  3. Attackers don’t always need to defeat MFA.
    Aaron Painter, CEO at Nametag, explains why help desks and account recovery workflows have become prime targets for social engineering attacks.

    🪪 Identity verification should become a security layer of its own, rather than a support process.
    🪪 Enterprises need ways to verify who is contacting the help desk, not just whether the account exists.
    🪪 Recovery workflows, escalations, and exception handling need dedicated security controls.

    Read more:
    technadu.com/new-identity-batt

    #AskTheExperts #IdentitySecurity #HelpDeskSecurity #CyberSecurity

  4. Attackers don’t always need to defeat MFA.
    Aaron Painter, CEO at Nametag, explains why help desks and account recovery workflows have become prime targets for social engineering attacks.

    🪪 Identity verification should become a security layer of its own, rather than a support process.
    🪪 Enterprises need ways to verify who is contacting the help desk, not just whether the account exists.
    🪪 Recovery workflows, escalations, and exception handling need dedicated security controls.

    Read more:
    technadu.com/new-identity-batt

    #AskTheExperts #IdentitySecurity #HelpDeskSecurity #CyberSecurity

  5. Password Resets Expose Vulnerability in Corporate Security

    Did you know that password resets can cost companies a whopping $70 each, and with stolen credentials involved in nearly 45% of breaches, it's clear that corporate security is vulnerable to attack.

    osintsights.com/password-reset

    #PasswordResets #CredentialTheft #SelfservicePasswordReset #Sspr #HelpdeskSecurity

  6. A new Clorox lawsuit shows that our biggest security risk remains people, not technology. Attackers from Scattered Spider simply phoned the the Clorox helpdesk run by Cognizant and just asked them for passwords.... and they gave them up! Hackers didn't need deep tech skills, just weak verification from Cognizant. 🤬

    TL;DR
    ⚠️ Attackers phoned in to get passwords with no checks
    🔐 Lack of identity verification is a major failure point
    🛠️ Companies must tighten help desk protocols and training
    📌 Liability can ripple far beyond breach response costs

    reuters.com/legal/government/l
    #cybersecurity #socialengineering #helpdesksecurity #riskmanagement #security #privacy #cloud #infosec #3rdPartyRisk #OutsourcingFail

  7. A new Clorox lawsuit shows that our biggest security risk remains people, not technology. Attackers from Scattered Spider simply phoned the the Clorox helpdesk run by Cognizant and just asked them for passwords.... and they gave them up! Hackers didn't need deep tech skills, just weak verification from Cognizant. 🤬

    TL;DR
    ⚠️ Attackers phoned in to get passwords with no checks
    🔐 Lack of identity verification is a major failure point
    🛠️ Companies must tighten help desk protocols and training
    📌 Liability can ripple far beyond breach response costs

    reuters.com/legal/government/l
    #cybersecurity #socialengineering #helpdesksecurity #riskmanagement #security #privacy #cloud #infosec #3rdPartyRisk #OutsourcingFail

  8. A new Clorox lawsuit shows that our biggest security risk remains people, not technology. Attackers from Scattered Spider simply phoned the the Clorox helpdesk run by Cognizant and just asked them for passwords.... and they gave them up! Hackers didn't need deep tech skills, just weak verification from Cognizant. 🤬

    TL;DR
    ⚠️ Attackers phoned in to get passwords with no checks
    🔐 Lack of identity verification is a major failure point
    🛠️ Companies must tighten help desk protocols and training
    📌 Liability can ripple far beyond breach response costs

    reuters.com/legal/government/l
    #cybersecurity #socialengineering #helpdesksecurity #riskmanagement #security #privacy #cloud #infosec #3rdPartyRisk #OutsourcingFail

  9. A new Clorox lawsuit shows that our biggest security risk remains people, not technology. Attackers from Scattered Spider simply phoned the the Clorox helpdesk run by Cognizant and just asked them for passwords.... and they gave them up! Hackers didn't need deep tech skills, just weak verification from Cognizant. 🤬

    TL;DR
    ⚠️ Attackers phoned in to get passwords with no checks
    🔐 Lack of identity verification is a major failure point
    🛠️ Companies must tighten help desk protocols and training
    📌 Liability can ripple far beyond breach response costs

    reuters.com/legal/government/l
    #cybersecurity #socialengineering #helpdesksecurity #riskmanagement #security #privacy #cloud #infosec #3rdPartyRisk #OutsourcingFail

  10. A new Clorox lawsuit shows that our biggest security risk remains people, not technology. Attackers from Scattered Spider simply phoned the the Clorox helpdesk run by Cognizant and just asked them for passwords.... and they gave them up! Hackers didn't need deep tech skills, just weak verification from Cognizant. 🤬

    TL;DR
    ⚠️ Attackers phoned in to get passwords with no checks
    🔐 Lack of identity verification is a major failure point
    🛠️ Companies must tighten help desk protocols and training
    📌 Liability can ripple far beyond breach response costs

    reuters.com/legal/government/l
    #cybersecurity #socialengineering #helpdesksecurity #riskmanagement #security #privacy #cloud #infosec #3rdPartyRisk #OutsourcingFail