Salesforce MFA enforcement hits July 1. Most orgs will comply but only a few will verify the human behind the login.
A YubiKey checks a box. Biometric match-on-chip hardware closes the gap.
https://t.co/XMpgtctmNP
#PhishingResistant #BiometricAuthentication #PhishingProof
Salesforce's phishing-resistant MFA deadline is July 1.
Token proves the person — not just the credential. Hardware-bound. Biometrically enforced. FIDO2-certified.
https://t.co/SwzK27cdyW
#PhishingResistant #IdentitySecurity #PhishingProof
So they showed up in person. Silent Ransom Group is now sending fake IT techs to plug USB drives into your computers.
Phishing-resistant MFA stops this at step one: https://t.co/bKZcmu37yS
#CredentialSecurity #IdentitySecurity #BiometricAuthentication
Salesforce's phishing-resistant MFA mandate takes effect July 1.
A synced passkey satisfies FIDO2. It doesn't prove the authorized person is present.
That's the gap. That's what Token closes.
https://t.co/7RyblDJzmE
#PhishingResistant #IdentitySecurity #PhishingProof
Strong MFA is necessary. It's no longer sufficient.
The new question isn't "did the user authenticate?"
It's "what exactly did the user authorize, and under what conditions?"
Full breakdown: https://t.co/WJJbzxFu5M
#CredentialSecurity #CyberThreats #cybersecurity
Hardware-bound biometrics fix the credential problem:
→ Fingerprint match never leaves the device
→ Domain binding blocks lookalike sites in hardware
→ Proximity check: user within 3 feet
Stop managing credentials. Start proving the human:
https://t.co/7pDqgN5IR0
The useful question after Carnival isn't whether your employees have MFA.
It's whether your MFA can be relayed, reset, or socially engineered.
Domain-bound, hardware-bound, biometric FIDO2 closes those paths at the protocol layer.
https://t.co/jPZXEpAU3v
#IdentitySecurity
The FBI warned about device code attacks.
The victim used MFA. Authentication succeeded. The attacker still got in.
This isn't credential theft. It's authorization manipulation. The threat model has changed.
https://t.co/1xl3pSswzY
#CredentialSecurity #CyberThreats
82% of breaches involve stolen credentials. Your MFA isn't stopping them.
Phishing kits clone domains in minutes. Deepfakes approve push notifications across time zones. If a secret can be known, it can be stolen.
https://t.co/v2lRLxkIxq
#NextGenMFA #IdentitySecurity
#MFA authenticates the perimeter. It doesn't protect what's already inside.
That's the real lesson from the Nitrogen ransomware group and the Foxconn incident — and it has nothing to do with malware sophistication.
https://t.co/M9xcw3DUcY
#CyberThreats #IdentitySecurity
Legacy MFA has one fatal flaw: it assumes enrollment can't be abused remotely. In outsourced environments, that assumption breaks.
When identity can be re-issued over a phone call, attackers don't bypass your controls. They use them. https://t.co/eNwnzTlJUU
#PhishingResistant
Ransomware doesn't need to break in anymore. It inherits access.
That's the real lesson from the Nitrogen ransomware group and the Foxconn incident — and it has nothing to do with malware sophistication.
https://t.co/fHk1e57JKi
#CyberThreats #IdentitySecurity
They're calling your employees, faking IT support, and walking them through OAuth flows until Salesforce issues the token itself.
Auth apps see none of it. Hardware-bound identity does.
https://t.co/98pTVbtWfM
#IdentitySecurity #PhishingResistant
Insurance wasn't breached. Identity was borrowed. Scattered Spider called the help desk. Impersonated an employee. Reset MFA. Got in.
No malware. No exploit. Just a support process that couldn't verify who was asking.
https://t.co/lbuLnLZvWd
#PhishingResistant #CyberThreats
CrowdStrike just named Cordial Spider and Snarky Spider. Same playbook. New crews. More scale.
They don't need to break your stack. They just need one person to answer the phone.
https://t.co/cfaPMR5kRd
#BiometricAuthentication #CredentialSecurity #IdentitySecurity
Salesforce is the new identity goldmine.
Google. Adidas. Amtrak. Medtronic. They weren't hacked. Their employees were coached into handing over access.
Auth apps confirmed it happened. They didn't stop it.
https://t.co/fbrpPs3eXp
#IdentitySecurity #PhishingResistant
CrowdStrike is tracking two new groups running the Scattered Spider playbook across finance, healthcare, and retail.
Their only tool: human judgment under pressure.
That's not a vulnerability you patch. It's one you architect around.
https://t.co/rqON7H829m
#IdentitySecurity
As long as identity can be reassigned over the phone, attackers will make that call.
More training won't fix it. Better monitoring won't fix it.
Remove the attack surface. Don't manage it. Learn more: https://t.co/yJFs3DWfAM
#BiometricAuthentication #IdentitySecurity