Kyle Rankin on Nostr: Overall, reading T-Mobile’s CISO talk about how their defenses worked against Salt ...
Overall, reading T-Mobile’s CISO talk about how their defenses worked against Salt Typhoon is interesting, but the effectiveness of frequent credential rotation when FIDO2 isn’t available was particularly interesting:
“In the case of credentials where FIDO2 can't be deployed, T-Mobile US rotates the credentials "extremely regularly, and we see this directly impacting the attacker," Simon told The Reg.”
https://www.theregister.com/2024/12/05/tmobile_cso_telecom_attack/
#infosec #SaltTyphoon
“In the case of credentials where FIDO2 can't be deployed, T-Mobile US rotates the credentials "extremely regularly, and we see this directly impacting the attacker," Simon told The Reg.”
https://www.theregister.com/2024/12/05/tmobile_cso_telecom_attack/
#infosec #SaltTyphoon