The original post was published on 16 September 2022 This is a real problem, no software or system should keep any security token in plain text, any time during operation. The user base for Microsoft Teams is in excess of 270 million users – we are part of that number …
Credential stuffing attacks
This research by Okta highlights the issue of users recycling passwords: Okta: Credential stuffing accounts for 34% of all login attempts (bleepingcomputer.com) There were more login attempts by threat actors than legitimate ones! They were just trying out passwords to see if someone was stupid, (sorry if you do not …
Technology in Schools
I have a friend from the MSc course, who is a teacher here in the UK, and he is often caught by the schools very high security stance, when he is trying to teach cyber security to his students. Many of the legitimate sites and resources he wants access to …
Every major event will attract cyber criminals. What is your organisation doing on Monday 19 September?
The death of Her Majesty Queen Elizabeth II and the associated ceremonies and period of national mourning will be no exception: Potential phishing activity update – NCSC.GOV.UK The National Cyber Security Centre has issued a warning that the potential for malicious phishing, social engineering and scam cyber-attacks is very high …
Apple moves to killing off the password…
Yesterday Apple had its September event where all the new toys were revealed, including iOS 16 – which will be on the new devices announced and available as an upgrade for iPhones going back to 2017. The new iOS and MacOS will both support passkey security rather than passwords. Apple …
