Cybersecurity Starts in the Boardroom
It is a while since I have written about passwords – although I did do a deep dive into them and produced this Back-to-Basics primer: Most people would have got the message, by now, that a password has to be complex. The National Cyber Security Centre (NCSC) has an opinion …
It still works, set up a lot of devices to just try their luck to break into as many M365 accounts as possible – it will work sometimes. In this case over 100,000 devices have been hijacked to create a botnet that also side steps MFA security using an outdated …
Before we start go to your LinkedIn account now and check: Threat actors are hacking into and taking over LinkedIn accounts by apparently using the simplest of hacks – brute-forcing or using leaked credentials. LinkedIn and Microsoft are not helping the situation by dragging their feet and being “out of …
The reuse of password by users is still probably the most common cyber security mistake organisations and individuals make – making a credential stuffing attacks profitable for threat actors. Once a threat actor has gathered their lists of credentials then they – or rather their automated tools will attempt to …
Disabling risky services for any OS or software “out-of-the-box” is always a good idea. If you need it, then you or your system administrators can enable it. A brute force attack is where a threat actor – or normally a threat actor computer – will try a range of different …
