The headline equally applies to the abuse of LinkedIn Smart Links: LinkedIn Smart Links abused in evasive email phishing attacks (bleepingcomputer.com) This is a feature in the LinkedIn Sales Navigator and Enterprise versions and allows packages of documents to be sent out and the metrics for the documents can be …
Be careful of security theatre and user security fatigue
Would your Global Administrator account security up to our standard? Protecting credentials is an important step in any cyber security plan. One of the first things we always do when taking on a cyber security client, before we even embark on the fact finding and documentation, is make sure everyone …
Continue reading “Be careful of security theatre and user security fatigue”
Breaking Bitcoin encryption
The hacking group TeamTNT has been spotted by the security company AquaSec attempting to hijack servers to run malware used to break Bitcoin encryption: TeamTNT hijacking servers to run Bitcoin encryption solvers (bleepingcomputer.com) The task is computationally intensive but if enough servers are compromised and a wide enough distributed computer created, …
Phishing wave after Revolut security is compromised and personal information is stolen
Following a breach of security of the international financial technology company Revolut, which was quickly dealt with by their security team, over 50,000 client accounts were compromised and information stolen. Although information such as, email addresses, phone numbers, account data and some limited credit/debit card data was stolen, PIN, detailed …
Spell checkers leaking passwords to Microsoft and Google!
Here is a security concern that you may not have thought of. The enhanced (not the basic one the products ship with) spell check functionality in Microsoft Edge and Google Chrome sends information back and forth between your machine and their servers but it appears this information can include personally …
Continue reading “Spell checkers leaking passwords to Microsoft and Google!”
