@ATXJane Happy to provide any info I can. I gave some of the details in the thread, but to elaborate:
The attack is designed to fly under the radar - it's very difficult to detect and actively avoids mitigating controls like account lockout, etc.
When an account is compromised, one of the first things we see is for the attack to shift to IMAP to go through emails in the account looking for 2FA PINs...and then hitting those accounts.
Current characteristics:
Relatively low-volume password spray (2-4 million requests/24hr)
Using a res proxy to spread attack across millions of IPs around the world
1 request per IP
Requests against a user ID are spread across hours or days
Even with unknown user IDs, seeing just shy of a 50% success rate on user ID guessing.
Just over .02% success rate overall...after over a year of attack/attrition
No changes to compromised accounts - just after access
@ATXJane The scale and *remarkable* subtlety of this thing is amazing. I'm not sure that anyone else even knows that they're under attack.
This AI attack represents a first-of-its kind in the world -- weaponized AI is actively driving this attack...on a global scale.
Currently, first-level targets are 1FA protected accounts for large suppliers (millions of users). Compromised accounts are used to go after 2FA accounts that are linked to them. Lather, rinse, repeat...wipe hands on pants.
Cybersecurity tip of the day: 2FA is no longer enough if your 2FA uses an email account for the OTP -- you need the entire chain to be 2FA and at some point for there to be a true out-of-band channel (mobile, passkey, hard token, etc.)
The AI-driven attack I'm tracking is a mass compromise of email, starting with 1FA accounts and using that to move on to 2FA accounts.
@CanisPundit
Try this one - an immediate favorite for me (though I up the gin:water ratio):
https://www.foodnetwork.com/recipes/native-american-firewater-chili-recipe-1956201
@JeniRizio Why am I always trying to convince everyone that I'm real? :P
That's real life...but 3D printed.
@lemontart something to consider, in that case, is that while Portugal is amazing in many (many) ways, it has the lowest average salary in all of Europe. Going in on a digital nomad visa is great, but can lead to concerns in the event of job loss.
Spain and southern France have similar climates and significantly better economic outlooks for those in the workforce.
@lemontart I absolutely adore Portugal! Wonderful country, amazing people. On a 10 year plan to retire there -- making yearly trips in the meantime as we zero in on the specific location to settle.
@lemontart 1. Don't ever go to Portugal -- you'll end up _immediately_ making a plan to immigrate (and make the visits with family happen anyway)
2. It depends on where in Europe you're looking at, and where you are in life. Retiring? It is easy to work out just about anywhere you choose if you can show the retirement income to justify it. Still working? There are more hoops to jump through, but it generally boils down to ensuring you're not taking jobs from locals.
@stueytheround is it wrong that I want to photoshop the Eye of Sauron onto the tower?
Hacker (ethical kind), recovered-ninja, blacksmith, geek, serial kilter.
That about covers it.