I have implemented information control for one-person organisations – because even a small organisation will have some need to share information with other people and organisations. It is an essential step in any IT and Cyber Security Audit to examine who, has access to what information and what steps are …
Supply Chain Attacks
I am always alerting you to the cyber security issues that WordPress and WordPress plugin report – many of you use WordPress and need to be alert to these breaches in your cyber security. Or at least someone in your organisation or supply chain – if you use a thrid-party …
Back-to-Basics – A Phishing Email Primer
I am having a break this week from the “Wednesday Bit”, but what I do have for you is my today is my completed Phishing Email Primer. However my track record for these Back-to-Basics mini-series is that they do not stay “complete” for very long, so do keep an eye …
Going back in time…
This post is about one of my articles from 2023, which having just started on an IT and Cyber Security Audit for an organisation, I realised was relevant to the new project. All the board members and senior managers got a link to this article: Cyber Security The Layer Cake …
Credentials are King
Threat actors are always looking for good sources of valid (stolen) email and password combinations – and there are many hundreds of millions available to them. 361 million stolen accounts leaked on Telegram added to HIBP (bleepingcomputer.com) Once they have these credentials, the threat actors will be trying them out …
