Following Monday’s post about Microsoft stopping basic authentication for personal accounts, in favour of MFA/token based security, here is a reminder why organisations need to enforce MFA: Scathing report on Medibank cyberattack highlights unenforced MFA (bleepingcomputer.com) No excuses, that includes your very busy CEO and Josephine in accounts who has …
Not business cyber security but important…
Microsoft has announced that of 16 September 2024, basic authentication (using an email address + password) will no longer be an option for personal Microsoft accounts, i.e. Outlook.com, Hotmail.co.uk and Live.com. Microsoft: New Outlook security changes coming to personal accounts (bleepingcomputer.com) To access these accounts users will need to set …
Continue reading “Not business cyber security but important…”
Credentials are King
Threat actors are always looking for good sources of valid (stolen) email and password combinations – and there are many hundreds of millions available to them. 361 million stolen accounts leaked on Telegram added to HIBP (bleepingcomputer.com) Once they have these credentials, the threat actors will be trying them out …
Back to Basics – The Collection II
This week the Wednesday Bit is for reminding you about my collection of mini-series and back to basics cyber security primers. There have been a number of additions, updates and changes since I first ran a “Collection” article. Why am I doing this? Because we can all benefit from some …
Threat actors target MFA
Whatever you read here in a few moments – it is my opinion that MFA (Multi-factor authentication) still remains a key tool in protecting your team’s credentials and defending your information. MFA under attack There have always been weaknesses in and attacks against, some very simple such as just annoying …
