I am always alerting you to the cyber security issues that WordPress and WordPress plugin report – many of you use WordPress and need to be alert to these breaches in your cyber security. Or at least someone in your organisation or supply chain – if you use a thrid-party …
A fix that is not a fix
Do not be tempted to click on an offered PowerShell fix, for an apparent error in Microsoft Word, OneDrive or Google Chrome – it could be a social engineering trick to get you to install malware to your computer: Fake Google Chrome errors trick you into running malicious PowerShell scripts …
Use MFA
Following Monday’s post about Microsoft stopping basic authentication for personal accounts, in favour of MFA/token based security, here is a reminder why organisations need to enforce MFA: Scathing report on Medibank cyberattack highlights unenforced MFA (bleepingcomputer.com) No excuses, that includes your very busy CEO and Josephine in accounts who has …
Is your ransomware plan to pay the ransom?
Well if it is, that can be expensive in money and reputation – it may even get you into the press, so everyone can see what you did. Panera Bread likely paid a ransom in March ransomware attack (bleepingcomputer.com) In the UK there is also this advice to consider: It …
Continue reading “Is your ransomware plan to pay the ransom?”
Not business cyber security but important…
Microsoft has announced that of 16 September 2024, basic authentication (using an email address + password) will no longer be an option for personal Microsoft accounts, i.e. Outlook.com, Hotmail.co.uk and Live.com. Microsoft: New Outlook security changes coming to personal accounts (bleepingcomputer.com) To access these accounts users will need to set …
Continue reading “Not business cyber security but important…”
