Cybersecurity

5404 readers

78 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

244

Microsoft Azure Hit With The Largest Data Breach In Its History; Hundreds Of Executive Accounts Compromised (techreport.com)

submitted 7 months ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

26 comments fedilink hide all child comments

For the first time in the history of Microsoft, a cyberattack has left hundreds of executive accounts compromised and caused a major user data leak as Microsoft Azure was attacked.

According to Proofpoint, the hackers use the malicious techniques that were discovered in November 2023. It includes credential theft through phishing methods and cloud account takeover (CTO) which helped the hackers gain access to both Microsoft365 applications as well as OfficeHome.

you are viewing a single comment's thread
view the rest of the comments

[–] deweydecibel@lemmy.world 14 points 7 months ago (1 children)

work on service desk.

Nobody knows their password.

If they did they wouldn't be contacting the service desk.

[–] OrderedChaos@lemmy.world 10 points 7 months ago (1 children)

I often get confused at how someone could log into the computer and yet after that is done have no idea what their password is. I sometimes have them lock their computer so they can remember it again. Facepalm.

[–] wizardbeard@lemmy.dbzer0.com 10 points 7 months ago (1 children)

Been on both ends of this (IT support and "forget password after entering it correctly"). The secret is muscle memory/subconcious habit.

Used to have the same issue with the dial combo lock on my locker at school. If I thought about it I could never open it. If I distracted myself just enough then I'd get it open without really knowing what I did.

That said, at my place we had someone forgetting their password literally minutes after a call to have it reset, multiple times a day. Don't know what the issue was, but we had to escalate it to HR and the person was out for a good while.

[–] tophneal@sh.itjust.works 7 points 7 months ago

Totally agree about the muscle memory. I recall having access to a CO DNR database at a previous job. It was one of three alphanumeric passwords assigned to me with no option to change them. I realized one day after having my hand in the wrong place on the keyboard that I didn’t really remember it, but my subconscious did