Cybersecurity Starts in the Boardroom
Last week I wrote about a technically advanced, highly sophisticated cyber-attack in Hong Kong, that netted the attackers $25m – it all started with some simple social engineering pretexting. You may not have $25m in your bank account but here is the state of play of deep fake hacking What …
Continue reading “Social Engineering – Getting the Victim Ready”
Yesterday was the second Tuesday of the month that means our support team have been reviewing our client monitoring reports and the SOC to check that the Microsoft Patch Tuesday updates have been completed. They will keep an eye on the reports all day to check there are no issues …
Setting up phony websites with just a letter different from the legitimate sites is nothing new – I can remember a marketing company (now defunct) trying to persuade me to buy dozens of variations of our IT support company domain, to capture those potential customers who have “fat fingers” – …
Here is an interesting article from the National Cyber Security Centre about whether you should trust public QR codes. Now we have had experience with this. One of our clients found that someone had stuck a new QR code over the one they displayed in their window. When I investigated, …
Sometimes a cyber-attack is something as easy as adding a button saying “view document” when whale phishing senior people in an organisation. Ongoing Microsoft Azure account hijacking campaign targets executives (bleepingcomputer.com) Your takeaway When was the last time you audited the credentials and associated authorisations of those credentials? If you …
