mirror of
https://github.com/jackyzha0/quartz.git
synced 2025-12-27 23:04:05 -06:00
vault backup: 2022-10-12 12:14:46
This commit is contained in:
Jet Hughes
parent
2c0916da1d
commit
f00169f85f
@ -13,7 +13,54 @@ Jet Hughes 9474308
|
||||
|
||||
# What are the articles?
|
||||
## 2012 Honan Wired
|
||||
[link](https://blackboard.otago.ac.nz/bbcswebdav/pid-2956926-dt-content-rid-18904224_1/xid-18904224_1)
|
||||
|
||||
- guy got hacked
|
||||
- amazon - apple - gmail - twitter
|
||||
- could have been prevented with 2fa on google
|
||||
- ultimate goal twitter
|
||||
- should have used backups for devices
|
||||
- was his fault
|
||||
- but also security flaws in apple and amazon
|
||||
- final four digits shared by amazon are required by apple
|
||||
- disconnect exposes flaws in tech industry
|
||||
- foreshadows issues in era of cloud and connected devices
|
||||
- password based systems are no longer suffice
|
||||
|
||||
5pm
|
||||
- phone powered down
|
||||
- This was irritating, but I wasn’t concerned
|
||||
- assumed it was a software glitch
|
||||
- phone automatically backs up
|
||||
- I was irritated, but not alarmed.
|
||||
- the screen went gray, and asked for a four-digit PIN
|
||||
- I knew something was very, very wrong.
|
||||
- unplugged my router and cable modem, turned off the Mac Mini
|
||||
- called AppleCare
|
||||
- a call had been placed just a little more than a half an hour before my own.
|
||||
- Apple rep didn't bother to tell me about the first call concerning my account
|
||||
- only shared this information after I asked about it
|
||||
- someone called AppleCare claiming to be me.
|
||||
- reported that he couldn't get into his Me.com e-mail
|
||||
- issued a temporary password
|
||||
- despite the caller’s inability to answer security questions I had set up
|
||||
- it did this after the hacker supplied only two pieces of information that anyone with an internet connection and a phone can discover.
|
||||
- a password reset confirmation arrived in my inbox
|
||||
- I don’t really use my me.com e-mail, and rarely check i
|
||||
- hackers immediately sent it to the trash.
|
||||
- reset my AppleID password
|
||||
- Gmail password recovery e-mail
|
||||
- Google account password had changed
|
||||
- reset my Twitter password.
|
||||
- used iCloud’s “Find My” tool to remotely wipe my iPhone, iPad, Macbook
|
||||
- deleted my Google account
|
||||
- the attackers posted a message to my account on Twitter taking credit for the hack.
|
||||
- not only had the ability to control my account, but were able to prevent me from regaining access
|
||||
- those deletions were just collateral damage
|
||||
|
||||
|
||||
## 2015 Brandom Anatomy of a Hack
|
||||
[link](https://blackboard.otago.ac.nz/bbcswebdav/pid-2956926-dt-content-rid-18904225_1/xid-18904225_1)
|
||||
|
||||
# What do they have in common?
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user