The US government Cybersecurity and Infrastructure Security Agency (CISA) is a trusted source of information on security updates and exploited vulnerabilities. My team use it as one of their go to resources. The latest updates include the other vendors that release updates around the same time as Microsoft’s Patch Tuesday. …
Move away from text- or voice-based multi-factor authentication
Let’s take a look at what good multi-factor authentication is. I am writing a mini-series for CyberAwake about the mistakes users make when choosing a secure password and how hackers can exploit those mistakes, so a quick look at MFA seems like a good idea. What is multi-factor authentication? A …
Continue reading “Move away from text- or voice-based multi-factor authentication”
Take care with unsolicited Teams files
A series of phishing attacks are being run using infected .zip files distributed via Microsoft Teams: Microsoft Teams phishing attack pushes DarkGate malware (bleepingcomputer.com) The zip file says it is a vacation schedule – but it is not really. A quick look at the article will show you how convincing …
Security Updates
The US government Cybersecurity and Infrastructure Security Agency (CISA) – an excellent source for keeping up with cyber security vulnerabilities and updates – has issued advisories for a number of products: VMware Releases Security Updates for Aria Operations for Networks | CISA Juniper Networks Releases Security Advisory for Junos OS …
Another Council with Ransomware
St. Helens Metropolitan Borough Council has reported a ransomware attack and is working with authorities to investigate and deal with the issues. Details are not available yet of any data theft of citizen’s information or extortion but it has had an impact on the council services St Helens Council still …