Following Monday’s post about Microsoft stopping basic authentication for personal accounts, in favour of MFA/token based security, here is a reminder why organisations need to enforce MFA: Scathing report on Medibank cyberattack highlights unenforced MFA (bleepingcomputer.com) No excuses, that includes your very busy CEO and Josephine in accounts who has …
Not business cyber security but important…
Microsoft has announced that of 16 September 2024, basic authentication (using an email address + password) will no longer be an option for personal Microsoft accounts, i.e. Outlook.com, Hotmail.co.uk and Live.com. Microsoft: New Outlook security changes coming to personal accounts (bleepingcomputer.com) To access these accounts users will need to set …
Continue reading “Not business cyber security but important…”
Microsoft Patch Tuesday – June 2024
Yesterday was the second Tuesday of the month that means our support team have been reviewing our client monitoring reports and the SOC to check that the Microsoft Patch Tuesday updates have been completed. Our team will keep an eye on the reports for the next day or two to check there …
Microsoft backs down…
Well it was pretty obvious that the outcry by cyber security and privacy experts around the world, against Microsoft’s proposal to include an automatic function to screenshot your computer every few seconds, to produce a searchable record of EVERYTHING you have done on your computer, was a bad idea. Don’t …
Good privacy = Good Security
If you follow effective privacy principles such as UKGDPR, it can help any organisation create better cyber security. However Bruce Schneier has an interesting essay out this week, where he looks at our degraded expectations of privacy because of modern technology. Online Privacy and Overfishing – Schneier on Security I …
A feature no one asked for
The Information Commissioner’s Office (ICO) is looking into a new feature of Windows 11 and Copilot where the operating system will automatically screenshot what you are doing every few seconds. The upcoming feature, called Recall, will be able to access the locally stored, encrypted images to enhance the user experience …
13 Billion downloads
I am going to quote the BleepingComputer article by Sergiu Gatlan to illustrate the reach of the vulnerability in Fluent Bit. “Fluent Bit is an extremely popular logging and metrics solution for Windows, Linux, and macOS embedded in major Kubernetes distributions, including those from Amazon AWS, Google GCP, and Microsoft …
