Cybersecurity Starts in the Boardroom
Fast Company an American magazine was hacked and abusive articles added to its news feeds, resulting in this material getting a wider audience through syndication on the Apple News app. The Apple News channel was quickly disabled and Fast Company took its site down pending a fix but the damage was …
Microsoft has been monitoring and seeing an increase in attacks using malicious OAuth applications, installed on compromise cloud servers that then facilitate mass spamming from Exchange Online servers. Malicious OAuth applications abuse cloud email services to spread spam – Microsoft Security Blog The attack started with the threat actor launching …
Continue reading “Mass spamming starts with no MFA and credential stuffing”
Would your Global Administrator account security up to our standard? Protecting credentials is an important step in any cyber security plan. One of the first things we always do when taking on a cyber security client, before we even embark on the fact finding and documentation, is make sure everyone …
Continue reading “Be careful of security theatre and user security fatigue”
I have written an article over on CyberAwake, (our online cyber security training site), looking at triple A. Why you should care about the TLA AAA! – CyberAwake
We cannot emphasise how important multi-factor authentication is to your cyber security – however, of course, the threat actors do have ways around it: Cookie stealing: the new perimeter bypass – Sophos News The threat is malware getting into your system and stealing session cookies that are associated with the …
