Cybersecurity Starts in the Boardroom
We use Booking.com for our business travel, so this story was going to make the news this week. ClickFix attack delivers infostealers, RATs in fake Booking.com emails This is a long running phishing campaign that is obviously still having success in trapping victims – targeting organisations that use Booking.com for …
Identity theft, as cyber attacks go, is pretty easy to understand – a threat actor gains control of a user’s credentials (identity) and then attacks the service (organisation), posing as that user. There are nuances but that is the attack in the briefest of terms. Credential and identity theft are …
It still works, set up a lot of devices to just try their luck to break into as many M365 accounts as possible – it will work sometimes. In this case over 100,000 devices have been hijacked to create a botnet that also side steps MFA security using an outdated …
Many of my cyber security investigations have involve the compromise of Microsoft 365 credentials. These are a valuable commodity for threat actors, as a carelessly managed set of credentials may give them the keys to raid your information. The latest attack on M365 credentials, in the tech news, is a …
Continue reading “Threat Actors want your Microsoft 365 Credentials”
As 2024 draws to a close and we all start making plans for the holiday season, I thought it would be a good idea to publish an updated list of all my Back to Basics cyber security primers as this week’s Wednesday Bit. These are easy read short series designed …
