BLUE
Login
Profile banner
MS
Mike Sager (Complimentary)
@mikesager.net
Security, rock and roll, dad jokes. Fan of The National and The Nationals. At a security startup, but like a cool one. Former CTO at EMILY’s List, and worked a lot of other places before that. I’m not here to argue or debate anyone; I just block.
426 followers507 following1.6k posts
MSmikesager.net

All the counts in here are for account takeover attacks (via phishing). Per my, admittedly quick, read, EVERY single one of these could have been prevented by simply adopting a FIDO2 based security key or passkey as the second factor with the elimination of alternate backups. Every single thing here

JJjoshuajfriedman.com

NEW: The indictment against members of Iran's Islamic Revolutionary Guard Corps for hacking the Trump campaign has been unsealed (via Kyle Cheney, Politico) s3.documentcloud.org/documents/25...

INTRODUCTION Beginning in or around January 2020, and continuing through at least September 2024, malicious cyber actors employed by the Islamic Republic of Iran's ("Iran") Islamic Revolutionary Guard Corps ("IRGC"), Masoud Jalili ("JALILI", Seyyed Ali Aghamiri ("AGHAMIRI"), Yaser Balaghi ("BALAGHI), and other persons known and unknown to the Grand Jury (collectively, "Conspirators"), prepared for and engaged in a wide-ranging hacking campaign that used spearphishing and social engineering techniques to target and compromise the accounts of current and former U.S. government officials, members of the media, nongovernmental organizations, and individuals associated with U.S. political campaigns. Such activity is part of Iran's continuing efforts to stoke discord, erode confidence in the U.S. electoral process, and unlawfully acquire information relating to current and former U.S. officials that could be used to advance the malign activities of the IRGC. Follow link above for full text.
3
BKcolorschoolbeat.bsky.social

Just got a fraud alert text from “chase” that has lotsa hinky.

1
CMtruckpoetry.bsky.social

Sure, FIDO/Biometrics/better 2FA all would help but so would BASIC INTERNET TRAINING TO NOT FALL FOR SCAMS THAT TYPICALLY ONLY WORK ON NON-TECHNICAL ELDERLY FOLKS but maybe that is asking a lot for these people to use critical thinking.

2
MSmikesager.net

I've been very annoying everywhere I've worked for the last 8 years about adopting security keys. The reason why? Because they work.

3
Profile banner
MS
Mike Sager (Complimentary)
@mikesager.net
Security, rock and roll, dad jokes. Fan of The National and The Nationals. At a security startup, but like a cool one. Former CTO at EMILY’s List, and worked a lot of other places before that. I’m not here to argue or debate anyone; I just block.
426 followers507 following1.6k posts
HomePopularExplore