09/24/2022 | Press release | Distributed by Public on 09/24/2022 09:50
The Annoyingly Persistent Teenager has struck once again!
Anyone who has raised children gets nagged on a regular basis, we either agree out of abject frustration or lose our temper, feel guilty and ultimately give into a "negotiated settlement".
The capacity for children, particularly in their early teens, to repeatedly and without relent ask over and over for something is truly magnificent.
In the world of cyber security, this capacity to "nag" has been weaponized to great success by threat actors still within their teens. If you have been reading the news recently, you may have noticed the recent Uber cyber-attack where a contractor was nagged for their multi-factor authentication (MFA) acknowledgment until they finally relented and clicked the "Approve" button.
At this point you are probably asking yourself "but how did the attacker get the contractors password?". Though those details were not shared, passwords paired with a second factor of authentication still suffer the same weaknesses that they had before MFA came into the picture. Users reuse passwords across many sites and services and if one of those services suffers a breach, the user risks having that password reused in other services where they may have accounts.
Here are three steps to better mitigate against the original APT,