In case you missed the memo, passwords are important. Storing them in plain text where threat actors can eventually get access to them is a really bad thing. Misconfigured Firebase instances leaked 19 million plaintext passwords (bleepingcomputer.com). It is even worse if those passwords are associated with other sensitive information, …
Why the “Principle of Least Privilege” works and something for free…
The Principle of Least Privilege (PoLP) is a fundamental concept in cybersecurity. It ensures that users are granted only the minimum necessary access rights required to perform their job functions. This principle is one I always enforce in cyber security as it is a powerful way of defending the most …
It is hard to keep a secret
I have written many articles describing how the first step in any cyber security plan has to be the recognition that you and your team need to be able to keep a secret. For instance, the first secret is of course to keep any passwords you have been given access …
New ways to steal your credentials
Threat actors do not stand still when it comes to cyber-attacks; they are constantly evolving new attack vectors as we start to understand and combat the current ones. Keeping up with these changes, especially when it comes to phishing emails – which is one of the most common ways …
Cyber Security Updates
The US government’s Cybersecurity and Infrastructure Security Agency (CISA) is a key resource for us to keep up with the cyber security patches issued by the major – and sometimes more fringe – vendors. We especially pay attention in the week of Microsoft Patch Tuesday, as other vendors often issue …