This Was Entirely Predictable – Hackers Tricking People Into Facial Scans

This Was Entirely Predictable – Hackers Tricking People Into Facial Scans

Collecting all of that information to verify the age of website visitors creates an extra-large target for that biometric information. When I applied online for unemployment, I had to provide copies of my social security card, driver’s license, and a live facial scan. Remember that this is the same state government with the entire DMV driver’s license database sitting on MoveIt when that tool got hacked, requiring me to store even more of my identity online with a third-party service.

The risk level is outrageous.

Linked – In major gaffe, hacked Microsoft test account was assigned admin privileges
|

Linked – In major gaffe, hacked Microsoft test account was assigned admin privileges

As the article below points out, I bet this wasn’t a technical issue. It’s not a bug. It’s a poor configuration choice, yes, likely made worse by a poor change management process. Somewhere along the way, you’d think someone would have it written down that this existed, and someone would see it written down and act on it. That didn’t happen. You’d also like to think there would be a hard rule to enable MFA in any environment, including testing ones.

Shared Links (weekly) Jan 7, 2024

Shared Links (weekly) Jan 7, 2024

Shared Links (weekly) Dec 31, 2023

Shared Links (weekly) Dec 31, 2023