A social network platform was breached by hackers taking advantage of remote working vulnerabilities (i.e., the hackers exploited employees’ VPN issues by calling and impersonating IT personnel); the platform had no CISO in place, and did not implement any significant compensating controls after shifting to a remote workforce (e.g., proper multi-level authentication, phishing and vishing campaigns for employee awareness).
Data Breach: NY Regulator Finds Social Network Lacked Appropriate Security
Related Posts
Turkey’s Entire Population Has Data Leaked
It was discovered that roughly 85 million people’s data (the entire population of Turkey) had their information added…
Florida Privacy Bill maintains PRA
iapp.org/news/a/florida-privacy-bill-maintains-pra-ahead-of-house-floor-vote/
Ransomware Industrial Services
www.zdnet.com/article/ransomware-industrial-services-are-still-the-most-popular-target-but-now-cyber-criminals-are-diversifying-attacks/?ftag=COS-05-10aaa0g&taid=6177c71f35a2610001afc9a9&utm_campai…