Cybersecurity Starts in the Boardroom
Last Wednesday I published my MFA Primer series and part two looks at this type of cyber attack against multi-factor authentication. In brief when the threat actors have a valid set of credentials they repeatedly try and access the service with them, generating multiple MFA requests to your authenticator app. …
I will start with this report from The Record about the ransomware risk in the UK: UK government risking ‘catastrophic ransomware attack at any moment,’ parliamentary report warns (therecord.media) If you have now read that, then you should be taking responsibility for your organisation’s readiness for a ransomware or other …
Continue reading “Ransomware – If the government is not taking it seriously you should…”
It is a while since the Log4j issue made the tech news – but recent research has shown that many apps that rely on this module are still using a version vulnerable to attack. Over 30% of Log4J apps use a vulnerable version of the library – BleepingComputer Your takeaway …
WordPress claims to be the most popular website platform in world – consequently it is also probably the most targeted by threat actors. Here is yet another attack: Fake WordPress security advisory pushes backdoor plugin (bleepingcomputer.com) Just this week as part of an IT and Cyber Security audit for a …
Google has issued the sixth emergency for 2023 to patch a zero-day exploit in Google Chrome. Google Chrome emergency update fixes 6th zero-day exploited in 2023 (bleepingcomputer.com) Patching vulnerable software on your systems is one of the top priorities of your cyber security plan. Closing the door on the hackers …
