Last week I wrote about some of the issues with multi-factor authentication: On the same day that I published, The Register also ran an article looking at MFA issues. I am continuing my story next week, but Jeff Burt’s article is worth reading as the more you know about this …
Business Email Compromise
Everyone needs policies and procedures that address the potential risk of business email compromise (BEC). That is when the threat actors through impersonation or compromised credentials get inside an email system and send malicious business instructions to your team pretending to senior people in your organisation or trusted partners. Here …
Did you know that multi-factor authentication can be defeated by threat actors?
Multi-factor authentication (MFA) is not perfect and it can be compromised by threat actors. However, we still stand by our advice to all our clients: Always use MFA – using and authenticator app – whenever it is available. I published an article yesterday on CyberAwake about some of the issues …
Continue reading “Did you know that multi-factor authentication can be defeated by threat actors?”
Emotet is back
Just when it looked like the Emotet spamming/malware operation had stopped, there are widespread reports that it has restarted. Emotet botnet starts blasting malware again after 5 month break (bleepingcomputer.com) Infected Microsoft Office documents are Emotet’s favoured method of malware distribution. Once the email has slipped past your technical defences, …
Steal the code… Dropbox
Dropbox has admitted that 130 of its confidential private GitHub repositories were coped by a threat actor. Among the haul were secret APUI codes. They do reassure users that no user content, usernames or passwords were stolen. Well of course not. That is not the issue. Why bother stealing those …
