Insight #1
Spray and pray: That’s the modus operandi behind the latest successful attack against Microsoft, which resulted in compromise of the company’s email systems. The attackers reportedly got in through an old testing environment, which seemingly had no multi-factor authentication (MFA) stopping them.
Lesson learned: Just because it’s not a production system doesn't mean it can't be used as an avenue to get into your production systems. Threat models? MFA? It all matters.
The post Cybersecurity Insights with Contrast CISO David Lindner | 1/26/24 appeared first on Security Boulevard.
David Lindner, Director, Application Security
Source: Security Boulevard
Source Link: https://securityboulevard.com/2024/01/cybersecurity-insights-with-contrast-ciso-david-lindner-1-26-24/