This just just shows that the bad guys are only getting better. No matter how much security we think we have, we need to constantly test ourselves. “…attacks always get better, they never get worse…” #BruceSchneier
Given enough time, the bad guys will find a way. It’s unfortunate, but true. The bad guys are highly motivated by money. There is a LOT of money in being bad. There’s not enough monetary motivation to being a good guy. You just have to want to do it for moral reasons. On a recent #SecurityNow podcast, Steve Gibson laid out all the millions of dollars that were gained by the top recent attacks and the company behind those attacks.
If you are responsible for your company’s security then you need to educate your users regularly on security measures and best practices. If you are a human and have any username/password combination then you MUST use MFA when you can, or when offered. Time-based is way more secure than SMS. You MUST use a reliable password manager because you MUST NOT use the same passwords on different accounts. Help yourself stay secure because the bad guys will help themselves to your data. I PROMISE YOU!