Before we start go to your LinkedIn account now and check: Threat actors are hacking into and taking over LinkedIn accounts by apparently using the simplest of hacks – brute-forcing or using leaked credentials. LinkedIn and Microsoft are not helping the situation by dragging their feet and being “out of …
FBI Credential Stuffing warning
The reuse of password by users is still probably the most common cyber security mistake organisations and individuals make – making a credential stuffing attacks profitable for threat actors. Once a threat actor has gathered their lists of credentials then they – or rather their automated tools will attempt to …
Brute force attacks on Window 11
Disabling risky services for any OS or software “out-of-the-box” is always a good idea. If you need it, then you or your system administrators can enable it. A brute force attack is where a threat actor – or normally a threat actor computer – will try a range of different …
A brutal lesson in why longer complex passwords are better
To learn this lesson you do not have to pay anything – the New South Wales tax payers, thanks to experts hired by their politicians and government will pay for you. As part of the cybersecurity Master’s course, we had to set up an experiment to test brute forcing of …
Continue reading “A brutal lesson in why longer complex passwords are better”
Sophos report even government agencies can miss hackers in their network
Hacker spent nearly five months inside a US regional government network, downloading files, using software and deleting logs, before deploying Lockbit ransomware. Sophos recreated the attack from what was left of the logs and believe the attackers got in through a public facing remote desktop protocol (RDP) port – something …
Continue reading “Sophos report even government agencies can miss hackers in their network”