The number of security failures now is nothing close to the golden age of malware in the 90s/early 2000s.
The #1 security exploit today is tricking the user into letting you in, because attacking the software is too hard.
The number of security failures now is nothing close to the golden age of malware in the 90s/early 2000s.
The #1 security exploit today is tricking the user into letting you in, because attacking the software is too hard.
You make a strong point, but now we also have smartphones, ioT devices and cloud networks EVERYWHERE and there is tons of shared open source code (supply chain attacks), and there are tons of open-source attacker tools,vuln databases and exploits (see nuclei on github).
Yes, many/most systems now offer some form of authentication, and many offer MFA, but look at the recent Redis vulns -- yet there are thousands of Redis instances vulnerable to RCE just sitting on the public internet right now.
Bah.
It's #1 one because it's easier than the alternative. But the alternative is also not hard. It's just not worth the effort.