This report makes interesting reading – it gives an insight of the big picture of cyber threats and risks. As businesses we have to find our risks in all of this: New Cyber Signals report from Microsoft – Microsoft Security Blog
Because It’s Friday… Data, Data, Data and do you know what a computer data punch card is?
Whilst researching for yesterday’s installment of the Insider Threat series, that I am writing over on our online training site CyberAwake, I read an article by Bret Arsenault, from Microsoft that opened with this quote: The amount of data captured, copied, and consumed is expected to grow to more than …
A series on the Insider Threat – and your first tip on dealing with it!
Recently I have covered a couple of incidents that revolve around a betrayal of trust – often called the insider threat: The Insider Threat – it may be at the top of the company… – Smart Thinking Solutions The Insider Threat and $250,000 – Smart Thinking Solutions This got me …
Continue reading “A series on the Insider Threat – and your first tip on dealing with it!”
Here is some of the open-source software I use – and it has all been targeted!
PuTTY, KiTTY and Sumatra PDF Reader – I did my due diligence before installing these – and now they have been targeted by ZINC, a state-sponsored group operating out of North Korea. ZINC weaponizing open-source software – Microsoft Security Blog Before writing this blog post I had checked my system …
Continue reading “Here is some of the open-source software I use – and it has all been targeted!”
Mass spamming starts with no MFA and credential stuffing
Microsoft has been monitoring and seeing an increase in attacks using malicious OAuth applications, installed on compromise cloud servers that then facilitate mass spamming from Exchange Online servers. Malicious OAuth applications abuse cloud email services to spread spam – Microsoft Security Blog The attack started with the threat actor launching …
Continue reading “Mass spamming starts with no MFA and credential stuffing”