Credentials are King

Threat actors are always looking for good sources of valid (stolen) email and password combinations – and there are many hundreds of millions available to them. 361 million stolen accounts leaked on Telegram added to HIBP (bleepingcomputer.com) Once they have these credentials, the threat actors will be trying them out …

There is no choice but to run cyber security updates…

…but sometimes they go wrong. Microsoft has had to fix a number of problems following the April Patch Tuesday. Microsoft says April Windows updates break VPN connections (bleepingcomputer.com) Microsoft: April Windows Server updates cause NTLM auth failures (bleepingcomputer.com) I included these stories in this week of device security as a …

What the “Principle of Least Privilege” does for you? (pt. 1)

Principle of Least Privilege

This article follows on from last week’s Why the “Principle of Least Privilege” works and something for free…. If you want the something for free, then you had better read that article first! Let’s start with a simple definition. The Principle of Least Privilege (PoLP) is a fundamental concept in …