Threat actors are always looking for good sources of valid (stolen) email and password combinations – and there are many hundreds of millions available to them. 361 million stolen accounts leaked on Telegram added to HIBP (bleepingcomputer.com) Once they have these credentials, the threat actors will be trying them out …
Back to Basics – The Collection II
This week the Wednesday Bit is for reminding you about my collection of mini-series and back to basics cyber security primers. There have been a number of additions, updates and changes since I first ran a “Collection” article. Why am I doing this? Because we can all benefit from some …
The Principle of Least Privilege and Authentication, Authorisation and Accountability – A Primer
Authentication, Authorisation and Accountability (AAA) and The Principle of Least Privilege (PoLP) come together in this primer to give you a basic understanding of the importance of knowing who is accessing your information and how much they can access. Another important idea covered here is what happens when something goes …
What the “Principle of Least Privilege” does for you? (pt. 1)
This article follows on from last week’s Why the “Principle of Least Privilege” works and something for free…. If you want the something for free, then you had better read that article first! Let’s start with a simple definition. The Principle of Least Privilege (PoLP) is a fundamental concept in …
Continue reading “What the “Principle of Least Privilege” does for you? (pt. 1)”
Passwords Leaked
In case you missed the memo passwords are important. Storing them in plain text where threat actors can eventually get access to them is a really bad thing. Misconfigured Firebase instances leaked 19 million plaintext passwords (bleepingcomputer.com) It is even worse if those passwords are associated with other sensitive information, …
