81 Million Logins & a Leaky Apple Privacy Tool 🔑🍎
Two stories today are a reminder that the tools we trust to keep us safe can quietly become the weak link. One shows how attackers hammered cloud accounts at a scale that's hard to imagine, and the other reveals a privacy feature that may have been leaking the very thing it promised to hide.
🔑 81 Million Login Attempts: Cloud Accounts Under Siege
Over a two-week stretch in June, attackers fired off more than 81 million automated login attempts against Microsoft's Azure cloud, and it worked: at least 78 accounts across 64 different organizations were broken into. They pulled this off using old, leaked passwords and by exploiting an outdated login method that slipped past weak or misconfigured multi-factor authentication (MFA).
Here's the "so what": if your business uses Microsoft cloud services and hasn't turned on strong MFA for every user and app, a recycled password from an old breach could be all an attacker needs. The fix is straightforward but essential — require MFA everywhere and lock down cloud admin tools so only the people who truly need them can use them.
🍎 Apple's "Hide My Email" May Have Been Showing Your Real Address
Apple's Hide My Email lets you sign up for things using a random, disposable address so companies never see your real inbox. It's a privacy staple for millions of Apple users — which is exactly why a newly reported bug is worrying: researchers say a flaw could let bad actors unmask the real email address hiding behind those aliases.
If you've relied on Hide My Email to keep your inbox private and cut down on spam, this matters. An exposed real address means more targeted phishing, more junk mail, and a privacy shield that isn't as solid as advertised. Keep an eye out for an Apple update, and stay cautious about unexpected emails hitting an address you thought was protected.
Stay ahead of threats with GOCO Security at gocosecurity.com.
.jpg)
Comments
Post a Comment