Mandiant's brute-forced X account exposes perils of skimping on 2FA

Speculation builds over whether a nearly year-old policy change was to blame

Google-owned security house Mandiant's investigation into how its X account was taken over to push cryptocurrency scams concludes the "likely" cause was a successful brute-force password attack....