Defense in Depth

Account Defense in Depth

The Mayor of Tampa, Florida, had this Twitter account hacked due to “the usual weaknesses, including poor passwords.” The hackers used the account to tweet pornographic images and even an incoming ballistic missile alert. Comcast’s Xfinity Mobile service used a default account security PIN of “0000”, which allowed several customers to have their accounts taken over. You not only need strong passwords, you need strong second factor authentication. That’s defense in depth.

In other news, Microsoft’s Edge browser was found to have a whitelist for almost 60 websites that bypass the Flash Player click-to-run protections, a Canadian province is allowing the mass sale of anonymized medical records, the fast Thunderbolt USBC ports are found to be vulnerable to a memory access hack called Thunderclap.