Cybersecurity Starts in the Boardroom
Identity theft, as cyber attacks go, is pretty easy to understand – a threat actor gains control of a user’s credentials (identity) and then attacks the service (organisation), posing as that user. There are nuances but that is the attack in the briefest of terms. Credential and identity theft are …
It still works, set up a lot of devices to just try their luck to break into as many M365 accounts as possible – it will work sometimes. In this case over 100,000 devices have been hijacked to create a botnet that also side steps MFA security using an outdated …
Many of my cyber security investigations have involve the compromise of Microsoft 365 credentials. These are a valuable commodity for threat actors, as a carelessly managed set of credentials may give them the keys to raid your information. The latest attack on M365 credentials, in the tech news, is a …
Continue reading “Threat Actors want your Microsoft 365 Credentials”
As 2024 draws to a close and we all start making plans for the holiday season, I thought it would be a good idea to publish an updated list of all my Back to Basics cyber security primers as this week’s Wednesday Bit. These are easy read short series designed …
We have had to deal with several incidents of Business Email Compromise (BEC), where for one reason or another someone has had their Microsoft credentials compromised and a threat actor has got inside their email. It is a serious problem because threat actors make a lot of money from it. …
Continue reading “Why you need to protect your organisation’s M365 credentials”
