
Dropbox claims to improve by using 2FA, but according to their earlier statement the phishing worked despite 2FA (HW token) already being in place.
I guess that's why they were boxed into concluding that it is inevitable some phishing attacks will succeed.
Surely improvement is possible.
(1) "These legitimate-looking emails directed employees to visit a fake CircleCI login page, enter their GitHub username and password, and then use their hardware authentication key to pass a One Time Password (OTP) to the malicious site," Dropbox's explanation states.
(2) The company's write-up said it was already working to combat this sort of incident by upgrading its two-factor authentication systems to WebAuthn multi-factor authentication and will soon use hardware tokens or biometric factors across its entire environment.
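The difference between the OTP flow in (1) and the WebAuthn upgrade in (2) is origin binding: an OTP is just a number the user can type into any page, while a WebAuthn assertion carries the origin the browser was on and a hash of the RP ID, and both are covered by the signature. The following Go program is an added illustration, not code from Dropbox, GitHub or CircleCI; it models a relying party that receives the same challenge signed once from its genuine origin and once from a look-alike origin, and shows the second being rejected. The origins and challenge are constructed placeholders, the authenticator data is reduced to rpIdHash plus flags and counter, and an ECDSA P-256 key stands in for a real hardware token.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// Assertion models what navigator.credentials.get() returns: authenticator data
// (starts with SHA-256 of the RP ID), clientDataJSON (carries the browser's origin)
// and a signature over authData || SHA-256(clientDataJSON).
type Assertion struct {
	AuthData       []byte
	ClientDataJSON []byte
	Signature      []byte
}

type clientData struct {
	Type      string `json:"type"`
	Challenge string `json:"challenge"`
	Origin    string `json:"origin"`
}

// hostOf derives the RP ID from an https origin (simplified: no port handling).
func hostOf(origin string) string {
	return strings.TrimPrefix(origin, "https://")
}

// signAssertion plays the browser plus authenticator. The browser, not the page,
// supplies the origin, so a token driven from a look-alike domain binds the
// assertion to that domain even though the user pressed the same button.
func signAssertion(key *ecdsa.PrivateKey, browserOrigin, challenge string) (Assertion, error) {
	rpIDHash := sha256.Sum256([]byte(hostOf(browserOrigin)))
	authData := append(rpIDHash[:], 0x01, 0, 0, 0, 0) // flags: user present; counter 0
	cd, err := json.Marshal(clientData{Type: "webauthn.get", Challenge: challenge, Origin: browserOrigin})
	if err != nil {
		return Assertion{}, err
	}
	cdHash := sha256.Sum256(cd)
	msg := sha256.Sum256(append(append([]byte{}, authData...), cdHash[:]...))
	sig, err := ecdsa.SignASN1(rand.Reader, key, msg[:])
	if err != nil {
		return Assertion{}, err
	}
	return Assertion{AuthData: authData, ClientDataJSON: cd, Signature: sig}, nil
}

// verifyAssertion is the relying-party side: the checks on origin and rpIdHash
// run before the signature check, so a forwarded assertion fails even though it
// was signed by the user's real token.
func verifyAssertion(pub *ecdsa.PublicKey, a Assertion, expectedOrigin, expectedChallenge string) error {
	var cd clientData
	if err := json.Unmarshal(a.ClientDataJSON, &cd); err != nil {
		return err
	}
	if cd.Type != "webauthn.get" {
		return errors.New("unexpected clientData type")
	}
	if cd.Challenge != expectedChallenge {
		return errors.New("challenge mismatch")
	}
	if cd.Origin != expectedOrigin {
		return fmt.Errorf("origin mismatch: assertion was made for %s", cd.Origin)
	}
	want := sha256.Sum256([]byte(hostOf(expectedOrigin)))
	if len(a.AuthData) < 32 || !bytes.Equal(a.AuthData[:32], want[:]) {
		return errors.New("rpIdHash mismatch")
	}
	cdHash := sha256.Sum256(a.ClientDataJSON)
	msg := sha256.Sum256(append(append([]byte{}, a.AuthData...), cdHash[:]...))
	if !ecdsa.VerifyASN1(pub, msg[:], a.Signature) {
		return errors.New("bad signature")
	}
	return nil
}

// RelayOutcome runs the scenario: one credential, the same server challenge,
// signed once on the genuine origin and once on a look-alike origin whose
// assertion is then forwarded to the genuine RP. Returns (genuineOK, relayedOK).
func RelayOutcome() (bool, bool, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return false, false, err
	}
	const realOrigin = "https://login.example"       // constructed placeholder
	const fakeOrigin = "https://login-example.test"   // constructed look-alike
	const challenge = "constructed-challenge-0001"    // constructed server nonce
	genuine, err := signAssertion(key, realOrigin, challenge)
	if err != nil {
		return false, false, err
	}
	relayed, err := signAssertion(key, fakeOrigin, challenge)
	if err != nil {
		return false, false, err
	}
	genuineOK := verifyAssertion(&key.PublicKey, genuine, realOrigin, challenge) == nil
	relayedOK := verifyAssertion(&key.PublicKey, relayed, realOrigin, challenge) == nil
	return genuineOK, relayedOK, nil
}

func main() {
	g, r, err := RelayOutcome()
	fmt.Println("genuine origin accepted:", g, "| relayed look-alike accepted:", r, "| err:", err)
}
```

The relying-party check that matters here is the origin comparison and the rpIdHash comparison: an OTP verifier has no equivalent input, so it cannot tell whether the code was typed into the real site or forwarded from a fake one.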