Cybersecurity Starts in the Boardroom
We were early adopters when Microsoft launched Office 365, the online services that would become Microsoft 365. Up to then we had been purchasing Microsoft Office licenses each time a new version of Office was released, which was a substantial cost to a small IT company, but we needed to …
It has emerged that senior executives at Microsoft had their emails hacked and monitored by Russian threat actors for nearly 2 months. Microsoft network breached through password-spraying by Russian-state hackers | Ars Technica The attack was not sophisticated. The threat actors – Midnight Blizzard – using nothing more than a …
Microsoft is going to automatically deploy a policy for many of it’s customers that will make it mandatory for administrator users to use MFA. Microsoft will roll out MFA-enforcing policies for admin portal access (bleepingcomputer.com) Of course the admins could turn this policy off – but why would they? Watch …
In several of my most recent IT and Cyber Security Audits I have encountered problems similar to those in this report from the US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) – misconfigurations. NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations | CISA …
We finished last week with a ransomware story. let’s start this week with another: BlackCat ransomware hits Azure Storage with Sphynx encryptor (bleepingcomputer.com) This ransomware story has a twist, the prolific BlackCat ransomware gang are ow using stolen Microsoft credentials in custom software to execute their attacks. Your takeaway You …
