InvestorsHub Logo
Boards
News
Market Data
Markets
Discover
Discover
Subscribe Login/Register
S&P 500
5,537.02
(
0.51%
)
US TECH 100
19,641.60
(
0.83%
)
Dow Jones
39,308.00
(
-0.06%
)
Brent Oil
87.38
(
0.54%
)
Bitcoin
57,723.98
(
-4.06%
)
Post# of 249194
Next 10
Reply Private New
Public Reply Private Reply New Post
Keep Last Read
Keep Next 10 Report Keyboard Shortcuts
Next 10 Prev Next

Genz2

Send PM Follow Ignore
Followers 5
Posts 2805
Boards Moderated 0
Alias Born 09/06/2006

Genz2

Re: None

Sunday, 09/18/2022 10:29:07 AM

Sunday, September 18, 2022 10:29:07 AM

Post# of 249194
Real Estate Phish Swallows 1,000s of Microsoft 365 Credentials

https://www.darkreading.com/attacks-breaches/real-estate-phish-1000s-credentials-escalating-cyber-risk

Excerpts:

Microsoft Safe Links Falls Down on the Job

Safe Links has several known weaknesses and generating a false sense of security is the significant weakness is this situation." Benishti says.

Once on the malicious page, researchers observed an unusual twist in the proceedings; The attackers tried to make the most of their time with the victims by attempting to tease out multiple passwords from each phishing session.

.... Users will usually submit the same credentials at least one more time before they try variations of other passwords they might have used in the past, providing a gold mine of credentials for criminals to sell or use in brute-force or credential stuffing attacks to access popular financial or social media accounts."
==========================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management

Token-free, password-free user authentication

We know you’ve dreamt about shredding your list of passwords. Go on and do it.

Because you are starting the authentication process in the device’s hardware, the user doesn’t have to interact with it. All users see is their usual Windows log-in screen – no more additional passwords to access the VPN or other resources. They just sign in once, and the secure credentials in their TPMs securely and quickly connect them to everything they need. Say goodbye to user frustration and slow OS performance.
=============================================================
If you don't know your passwords since you have gladly shredded them, you won't have one to put onto a phishing website and since you don't interact with the authentication process phishing would be an easy red flag!!!
============================================================
Better security at less than half the cost!!!

Choose data protection that actually works!!!

http://www.wavesys.com/

RIDE THE WAVE!!!

Together Everyone Achieves More!!
Public Reply Private Reply New Post
Keep Last Read
Keep Last Read Next 10 Report Keyboard Shortcuts
Next 10 Prev Next

Join the InvestorsHub Community

Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.

Sign Up