Cybersecurity Starts in the Boardroom
This one to be specific: WooCommerce admins targeted by fake security patches that hijack sites It is a phishing campaign, attacking the popular WordPress plugin WooCommerce, exploiting admins and their credentials with malicious security patches the admins think they must have – again a classic bit of threat actor social …
Continue reading “I was going to write about a WooCommerce attack…”
Authentication, Authorisation and Accountability (AAA) and The Principle of Least Privilege (PoLP) come together in this primer to give you a basic understanding of the importance of knowing who is accessing your information and how much they can access. Another important idea covered here is what happens when something goes …
Continue reading “Authentication, Authorisation and Accountability – A Primer”
Understanding the principle of least privilege – and then applying it in your organisation – is a fundamental step towards better cyber security. To help you gain the underpinning knowledge as to why this is important, I have written the following two articles: What the “Principle of Least Privilege” does …
Continue reading “The Principle of Least Privilege – A Primer”
The scammers – sorry, cyber criminals – who masquerade as the delivery firm Evri, have been up to their old social engineering tricks again! A couple of weeks back, whilst waiting for a delivery by Evri, I received a scam text message and I wrote about that experience here: Delivery …
When a major retailer suffers a cyber security incident it is going to make headline news… again and again. Here is today’s installment: M&S cyber attack chaos leaves more questions than answers – BBC News We can all learn something about improving our cyber security reponses whilst we watch M&S …
