Scattered Spider didn’t need a zero-day to breach Clorox. They just phoned the help desk—convincing agents to reset passwords & MFA without proper checks. The result: $380M in damages. Learn from Specops Software why caller verification and audit trails are critical. […]
from https://www.bleepingcomputer.com/news/security/can-i-have-a-new-password-please-the-400m-question/