Tag

#MFA

13 stories taggedMFA.

Photoreal news-editorial style, 16:9 framing, full-frame edge-to-edge composition
Threat Intelligence

Your Business Is Not Too Small to Be an Iranian Hacker's Next Target

Groups linked to Iran's intelligence services are not hand-picking victims. They are scanning the internet for any door left unlocked, and a GPS company and a medical-device maker have already paid the price.

3 min
Extreme close-up of a server rack's blinking status lights in a darkened data centre, rows of ethernet cables in cool blue and amber tones, shallow depth of fie
Identity & Access

81 Million Login Attempts: A Massive Password Spray Attack Hit Microsoft 365 Users

Criminals hammered Microsoft accounts with automated login attempts for two weeks. At least 78 accounts were broken into — and many victims had multi-factor authentication switched on, just not set up correctly.

3 min
Threat Intelligence

Ousaban Resurfaces in Iberia, Hiding Bank-Stealer Payloads Inside Images

A Brazilian trojan pivots to Spanish and Portuguese banking customers, using geofenced PDF lures and steganography to bury its real payload.

3 min
Identity & Access

The Service Desk Is the New Phishing Inbox

Help desks keep getting talked out of MFA resets. The fix is less about training and more about treating identity verification like an auth protocol.

3 min
Identity & Access

MFA Alone Won't Save You: What Modern Attackers Know That Defenders Don't

A practitioner-focused webinar examines how threat actors sidestep conventional detection controls and why single-layer authentication assumptions are failing organizations.

2 min
Identity & Access

Zero Trust Turns 15 and Still Can't Get Out of Its Own Way

The 'never trust, always verify' model isn't failing because the idea is wrong. It's failing because organizations keep treating a security philosophy like a SKU.

3 min
Identity & Access

First-Day Passwords Are Still IAM's Soft Underbelly

Temporary onboarding credentials keep showing up in breach forensics. The problem isn't laziness — it's that most IT teams never actually defined what 'temporary' means.

2 min
Identity & Access

Infostealers Are Now the Front Door for Ransomware Gangs

Credential theft at industrial scale has made exploit-based initial access look quaint. Here's why stolen session tokens are reshaping the attack chain.

2 min
AI Security

Meta's AI Support Bot Handed Out Password Resets to Anyone Who Asked Nicely

A pro-Iran Telegram channel published a walkthrough showing how Instagram's conversational recovery assistant could be talked into linking attacker-controlled email addresses to target accounts. The Obama White House and a senior U.S. Space Force account were briefly defaced.

3 min
Identity & Access

When 'Minor Foothold' Means Full Account Takeover: The Week IAM Bent the Wrong Way

A Claude security plugin, an Azure privilege-escalation chain, and a Kali365 MFA bypass all land in the same news cycle. Identity is still the soft underbelly.

2 min
Identity & Access

The Perimeter Is Gone. Attackers Already Knew That.

Modern intrusions rarely crack the wall. They walk through the front door, wearing your credentials.

3 min
Opinion

Twenty Years of Cyber Lessons and We're Still Losing on the Basics

The industry spent two decades reinventing its philosophy — perimeter defense to assume-breach — yet the attacks that still hit hardest exploit the same unpatched, misconfigured, un-MFA'd mistakes we should have buried years ago.

3 min
Identity & Access

Prompt Bombing Turned Your Second Factor Into a Doorbell Nobody Stops Ringing

Attackers stopped trying to steal push notifications. They just wait for tired users to tap 'approve' at 2 a.m.

2 min
© 2026 Threat Vectr