This report makes interesting reading – it gives an insight of the big picture of cyber threats and risks. As businesses we have to find our risks in all of this: New Cyber Signals report from Microsoft – Microsoft Security Blog
Because It’s Friday… Data, Data, Data and do you know what a computer data punch card is?
Whilst researching for yesterday’s installment of the Insider Threat series, that I am writing over on our online training site CyberAwake, I read an article by Bret Arsenault, from Microsoft that opened with this quote: The amount of data captured, copied, and consumed is expected to grow to more than …
A series on the Insider Threat – and your first tip on dealing with it!
Recently I have covered a couple of incidents that revolve around a betrayal of trust – often called the insider threat: The Insider Threat – it may be at the top of the company… – Smart Thinking Solutions The Insider Threat and $250,000 – Smart Thinking Solutions This got me …
Continue reading “A series on the Insider Threat – and your first tip on dealing with it!”
Here is some of the open-source software I use – and it has all been targeted!
PuTTY, KiTTY and Sumatra PDF Reader – I did my due diligence before installing these – and now they have been targeted by ZINC, a state-sponsored group operating out of North Korea. ZINC weaponizing open-source software – Microsoft Security Blog Before writing this blog post I had checked my system …
Continue reading “Here is some of the open-source software I use – and it has all been targeted!”
Mass spamming starts with no MFA and credential stuffing
Microsoft has been monitoring and seeing an increase in attacks using malicious OAuth applications, installed on compromise cloud servers that then facilitate mass spamming from Exchange Online servers. Malicious OAuth applications abuse cloud email services to spread spam – Microsoft Security Blog The attack started with the threat actor launching …
Continue reading “Mass spamming starts with no MFA and credential stuffing”
Threat actors promise you something that is too good to be true…
One of the key points we cover in our online and real-world cyber security awareness training is that threat actors will exploit human trust and fears. So phishing messages will contain: a threat – your tax bill is overdue see the fine here something nice – we over charged your …
Continue reading “Threat actors promise you something that is too good to be true…”
If you are better informed on the how, what and where of ransomware attacks, you will be better equipped on what decisions you need to take to defend against it.
Here is an article from last week that is an in depth look at the Vice Society hacking gang’s operations. It was issued by the following US government agencies; the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center …