Cybersecurity Starts in the Boardroom
It would have been difficult to miss the fact that Marks and Spencer, the Co-Op and Harrods have all suffered serious cyber-attacks recently. There has been speculation that the attacks originated from a phishing attack, as the hacking group DragonForce bragged in an email that they had hacked an employee …
Today we are talking About Links and here are a couple of questions to get us going on the topic: How realistic is the advice “don’t click on that link”? How many times in the day do you need to click on a link to do your work? Now I …
Continue reading “Don’t Blame your Team – “Just Click Here””
Identity theft, as cyber attacks go, is pretty easy to understand – a threat actor gains control of a user’s credentials (identity) and then attacks the service (organisation), posing as that user. There are nuances but that is the attack in the briefest of terms. Credential and identity theft are …
It still works, set up a lot of devices to just try their luck to break into as many M365 accounts as possible – it will work sometimes. In this case over 100,000 devices have been hijacked to create a botnet that also side steps MFA security using an outdated …
Many of my cyber security investigations have involve the compromise of Microsoft 365 credentials. These are a valuable commodity for threat actors, as a carelessly managed set of credentials may give them the keys to raid your information. The latest attack on M365 credentials, in the tech news, is a …
Continue reading “Threat Actors want your Microsoft 365 Credentials”
