Multi-factor Authentication – MFA – if you are unsure how this cyber security tool contributes to your security, then have a read of this: If you do know how important MFA is, then you will realise that a fake MFA app would cyber security chaos. Of course, the threat actors …
Credentials are King
Threat actors are always looking for good sources of valid (stolen) email and password combinations – and there are many hundreds of millions available to them. 361 million stolen accounts leaked on Telegram added to HIBP (bleepingcomputer.com) Once they have these credentials, the threat actors will be trying them out …
Threat actors target MFA
Whatever you read here in a few moments – it is my opinion that MFA (Multi-factor authentication) still remains a key tool in protecting your team’s credentials and defending your information. MFA under attack There have always been weaknesses in and attacks against, some very simple such as just annoying …
Phone number recycling
Here is something new to think about: Meta brushes off risk of account theft via number recycling • The Register I must admit I had never thought about this type of leak in a cyber security plan. I am not sure how relevant this is in the UK, but it …
Unsolicited MFA prompts
Last Wednesday I published my MFA Primer series and part two looks at this type of cyber attack against multi-factor authentication. In brief when the threat actors have a valid set of credentials they repeatedly try and access the service with them, generating multiple MFA requests to your authenticator app. …