We cannot emphasise how important multi-factor authentication is to your cyber security – however, of course, the threat actors do have ways around it: Cookie stealing: the new perimeter bypass – Sophos News The threat is malware getting into your system and stealing session cookies that are associated with the …
I have told everyone to use MFA so I do not need to think about more cyber security! UPDATED 14 July 2022
This post was original published on 27 June 2022 Update 14 July 2022 Here is an article from the Microsoft Threat Intelligence Center (MSTIC) and the Microsoft 365 Defender Research Team outlining how the big phishing campaigns backed by experienced and skilled hackers can bypass the security of multi-factor authentication: …
This is a technology exercise in when everything goes wrong!
I was put onto this blog post via Bruce Schneier’s blog. I’ve locked myself out of my digital life – Terence Eden’s Blog (shkspr.mobi) This is why role play and thinking about your operation, is a vital part of creating a cyber security plan that is resilient and provides for …
Continue reading “This is a technology exercise in when everything goes wrong!”
What can you buy on the Dark Web?
Here are a couple of connected articles about how easy it is for even inexperienced threat actors, let alone state sponsored ones, to access the raw materials they need to carry out cyber security attacks. The Dark Web is a market like any other – well almost… If you need …
CISA joint advisory on access control. Are you still missing MFA?
The US Cybersecurity and Infrastructure Security Agency has issued a joint advisory with the cyber security organisations from the UK, New Zealand, Netherlands and Canada listing ten regularly exploited weak security controls, poor configurations, and bad practices that allow threat actors to compromise networks. Here is the article: Weak Security …
Continue reading “CISA joint advisory on access control. Are you still missing MFA?”