This morning, I have released a new blog post on our training site CyberAwake about how to work securely from anywhere. The choice of hot beverage is yours.
Advice on when you are working out of the office
Pass the cookie attack – but you still need to use MFA and have these extra steps in place
We cannot emphasise how important multi-factor authentication is to your cyber security – however, of course, the threat actors do have ways around it: Cookie stealing: the new perimeter bypass – Sophos News The threat is malware getting into your system and stealing session cookies that are associated with the …
I have told everyone to use MFA so I do not need to think about more cyber security! UPDATED 14 July 2022
This post was original published on 27 June 2022 Update 14 July 2022 Here is an article from the Microsoft Threat Intelligence Center (MSTIC) and the Microsoft 365 Defender Research Team outlining how the big phishing campaigns backed by experienced and skilled hackers can bypass the security of multi-factor authentication: …
Here is something new – pre-hijacking!
Hijacking of online accounts is a serious cyber security concern. The unauthorised access by threat actors to everything from Amazon accounts to Zoho accounts all have data breach consequences either for the individual or organisation. (That is why we tell all our clients to make multi-factor authentication (MFA) compulsory for …
I love patches as part of a cyber security plan – but there is a problem!
If the patch is not effective or worse it breaks something else whilst fixing the vulnerability. This happened to Microsoft: Microsoft fixes Windows authentication woes • The Register But you still have to run those patches and updates as an unpatched system is a target for threat actors. Better to …
Continue reading “I love patches as part of a cyber security plan – but there is a problem!”
