Cybersecurity Starts in the Boardroom
Usually when I am discussing smartphone app security, Apple iOS has an advantage over Android apps, because of it’s curated App store that stops (most) of the security issues from getting through to the end user’s devices. Now researchers have discovered Amazon Web Service credentials hard coded, by careless developers …
Continue reading “This time there is more of a security issue with iOS rather than Android”
The is active attack running on the internet at the moment targeting the CEOs and CFOs of some of the biggest companies around. These threat actors are not looking for targets of opportunity, for the work they put in they only want targets that can return millions of Pounds or …
Continue reading “Maybe this attack may not target my readers, but you never know?”
I have just written about this supply chain cyber attack: Developer software repositories will always be a prime target for threat actors – Smart Thinking Solutions And here is another phishing attack hunting for the unwary who will reveal their credentials: DoorDash customer info exposed in Oktapus phishing attack • …
If you, as a threat actor, could embed your malware into a software module, that is then used by many innocent and unaware software developers in their packages, they release to the general public, wouldn’t you? That looks like a lot of infected machines for a small amount of work. …
Continue reading “Software repositories are a target for threat actors”
Collecting (stealing) credentials is a favourite pastime of threat actors – either to break into accounts directly or to add them to their credential stuffing attacks (looking for those people who reuse passwords) or just to sell on the dark web! Here they are doing it to users of the …
Continue reading “Credential theft – where the threat actors start and some advice”
