Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. Media coverage understandably focused on GoDaddy's admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. But it's worth revisiting how this group typically got in to targeted companies: By calling employees and tricking them into navigating to a phishing website.
https://krebsonsecurity.com/2023/02/when-low-tech-hacks-cause-high-impact-breaches/
@briankrebs Social hacks comprise almost all hacks. Very few come from your password not “containing at least one upper and one lower case letter” and similar measures against a hypothetical brute force attack.
