Kevin Beaumont on Nostr: One of the things TfL have done in their containment phase is locked their IT staff's ...
One of the things TfL have done in their containment phase is locked their IT staff's accounts, who aren't working on recovery -- and they're working to manually reauthenticate who their staff are, i.e. check their identities.
In entirely unrelated (👀) news, teenagers in LAPSUS$ and Scattered Spider often obtain access by calling up the helpdesk and saying they've lost their phone for MFA and/or forgot their password.
Published at
2024-09-12 16:03:20Event JSON
{
"id": "61fe3dd2827089b006c9dec29e7d1e3141156616ddeb107b51c7c212410c476d",
"pubkey": "f6870afcde4480ec8508f50304859e14a51309ff24ab3f0f862c52bdc4af8747",
"created_at": 1726157000,
"kind": 1,
"tags": [
[
"e",
"4ca7b5be70f27332bebaa4d5f157e73d077f9369f090ef96fc7e66bcd43b2317",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://cyberplace.social/users/GossiTheDog/statuses/113125425193499517",
"activitypub"
]
],
"content": "One of the things TfL have done in their containment phase is locked their IT staff's accounts, who aren't working on recovery -- and they're working to manually reauthenticate who their staff are, i.e. check their identities.\n\nIn entirely unrelated (👀) news, teenagers in LAPSUS$ and Scattered Spider often obtain access by calling up the helpdesk and saying they've lost their phone for MFA and/or forgot their password.",
"sig": "362c4494705f9252b9b4c545c8c8ae69f4277dcb99c5e794a76c6068e4ce903af88eb9dab2dacd688aac6dace3284847621b552d37990c7b5772627bd22d5eef"
}
