Posts tagged with multi-factor authentication explain how layered identity verification strengthens access security. Coverage includes MFA implementation strategies, authenticator app comparisons, hardware token options, and best practices for deploying MFA across enterprise environments.
posts
In May 2024, Check Point disclosed that threat actors were actively exploiting a zero-day vulnerability in its VPN products — CVE-2024-24919 — to harvest Active Directory credentials and move laterally through enterprise networks. Attackers didn't need a sophisticated exploit chain. They needed one VPN gateway running a default configuration with
Port 3389: The Door You Left Wide Open In January 2024, the FBI and CISA issued a joint advisory warning that the Phobos ransomware group had been exploiting exposed Remote Desktop Protocol (RDP) services to breach organizations across government, healthcare, education, and critical infrastructure. The attackers didn't use
A Single Misconfigured S3 Bucket Exposed 3 Billion Records In 2021, a researcher discovered that a misconfigured cloud storage bucket belonging to data analytics firm Cognyte had exposed more than five billion records. Capital One's infamous 2019 breach — a misconfigured web application firewall in AWS — cost them over
The Snowflake Breach Changed How I Think About Cloud Risk In mid-2024, threat actors compromised over 165 organizations by exploiting stolen credentials against Snowflake cloud accounts that lacked multi-factor authentication. Ticketmaster, AT&T, Santander — massive names, massive data losses. The root cause wasn't some exotic zero-day. It
In January 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive after threat actors exploited misconfigured SaaS environments across multiple federal agencies. The attackers didn't need sophisticated zero-day exploits. They walked in through overprivileged service accounts, dormant API tokens, and single-factor authentication — problems that every
The Breach That Started With a Reused Password In January 2024, Microsoft disclosed that a Russian threat actor group known as Midnight Blizzard compromised executive email accounts — not through some exotic zero-day, but by password spraying a legacy test account that lacked multi-factor authentication. One overlooked account. No MFA. That&
Your Employees' Passwords Are Probably Already for Sale In January 2024, researchers discovered a file called "Naz.API" circulating on dark web forums containing over 71 million unique email addresses paired with plaintext passwords — many harvested by credential-stealing malware. That's not a hypothetical. That'
23andMe Lost 6.9 Million Records to a Credential Stuffing Attack In October 2023, genetic testing company 23andMe confirmed that threat actors had compromised roughly 14,000 accounts using stolen credentials from other breaches. Because of the platform's social sharing features, that initial foothold gave attackers access to
In December 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory warning that Russian military-linked threat actors were systematically using brute force attacks to compromise Microsoft 365 accounts across government agencies and critical infrastructure. These weren't sophisticated zero-day exploits. They were automated password-guessing scripts
23andMe Filed for Bankruptcy. Account Takeover Was the Starting Gun. In October 2023, genetic testing company 23andMe confirmed that threat actors had compromised roughly 6.9 million user accounts. The attack method wasn't some exotic zero-day exploit. It was credential stuffing — attackers used previously leaked username and password
