It still works, set up a lot of devices to just try their luck to break into as many M365 accounts as possible – it will work sometimes. In this case over 100,000 devices have been hijacked to create a botnet that also side steps MFA security using an outdated …
How to look after your LinkedIn account
Before we start go to your LinkedIn account now and check: Threat actors are hacking into and taking over LinkedIn accounts by apparently using the simplest of hacks – brute-forcing or using leaked credentials. LinkedIn and Microsoft are not helping the situation by dragging their feet and being “out of …
FBI Credential Stuffing warning
The reuse of password by users is still probably the most common cyber security mistake organisations and individuals make – making a credential stuffing attacks profitable for threat actors. Once a threat actor has gathered their lists of credentials then they – or rather their automated tools will attempt to …
Brute force attacks on Window 11
Disabling risky services for any OS or software “out-of-the-box” is always a good idea. If you need it, then you or your system administrators can enable it. A brute force attack is where a threat actor – or normally a threat actor computer – will try a range of different …
A brutal lesson in why longer complex passwords are better
To learn this lesson you do not have to pay anything – the New South Wales tax payers, thanks to experts hired by their politicians and government will pay for you. As part of the cybersecurity Master’s course, we had to set up an experiment to test brute forcing of …
Continue reading “A brutal lesson in why longer complex passwords are better”