We often find problems with client configurations when we take over jobs, particularly when less-technically-able client try to do-it-themselves. If anyone needs an example as to why getting things set up correctly is difficult, Microsoft made a mistake with a server config and exposed some of their client’s information: Microsoft …
US Cybersecurity and Infrastructure Security Agency security advisories
The US government Cybersecurity and Infrastructure Security Agency (CISA) has issued security advisories for Zimbra and Oracle: CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite | CISA Oracle Releases October 2022 Critical Patch Update | CISA
Do Not Use Microsoft Remote Desktop – it can be a gateway for ransomware.
I have said this before, do not use Microsoft Remote Desktop (RDP) as it is too easily attacked and exploited, even if you use a non-standard port number – there are better solutions out there. Just to make the point – here is a new ransomware attack exploiting RDP. – …
Continue reading “Do Not Use Microsoft Remote Desktop – it can be a gateway for ransomware.”
Why threat actors will stick with phishing attacks rather than moving onto move hi-tech attacks?
I really liked this article. I have covered various highly involved cyber attacks over the last few months, deepfakes, hacking cars, air–gap attacks but as it describes in this article, you can use technology to steal those credentials or you can just ask nicely for them: Phishing works so well …
National Cyber Security Centre Threat Report 14 October 2022
Threat Report 14th October 2022 – NCSC.GOV.UK
