By John Gruber
WorkOS: APIs to ship SSO, SCIM, FGA, and User Management in minutes. Check out their launch week.
My thanks to Kolide by 1Password for sponsoring last week at DF. The September 2023 MGM hack is one of the most notorious ransomware attacks in recent years. Journalists and cybersecurity experts rushed to report on the broken slot machines, angry hotel guests, and the fateful phishing call to MGM’s help desk that started it all.
But while it’s true that MGM’s help desk needed better ways of verifying employee identity, there’s another factor that should have stopped the hackers in their tracks. That’s where you should focus your attention. In fact, if you just focus your vision, you’ll find you’re already staring at the security story the pros have been missing.
It’s the device you’re reading this on.
To read more about what they learned after researching the MGM hack — like how hacker groups get their names, the worrying gaps in MGM’s security, and why device trust is the real core of the story — check out the Kolide by 1Password blog.
★ Sunday, 23 June 2024