Just when it looked like the Emotet spamming/malware operation had stopped, there are widespread reports that it has restarted. Emotet botnet starts blasting malware again after 5 month break (bleepingcomputer.com) Infected Microsoft Office documents are Emotet’s favoured method of malware distribution. Once the email has slipped past your technical defences, …
What do you know about going passwordless? Find out here why you should do it.
Passwordlessness now extends to PayPal… …at least if you have an iPhone. PayPal ditches passwords, at least on Apple devices • The Register Ditching passwords is the best step in preventing the recycling of passwords by users and the subsequent credential stuffing attacks by threat actors. Find out in this …
Continue reading “What do you know about going passwordless? Find out here why you should do it.”
What are the most spoofed brands in social engineering/phishing attacks?
It is not really a surprise, with the exponential rise in home shopping and deliveries because of the pandemic, that the delivery service DHL is the most impersonated organisation when it comes to cyber attacks: DHL named most-spoofed brand in phishing • The Register Microsoft and LinkedIN are close behind. …
Continue reading “What are the most spoofed brands in social engineering/phishing attacks?”
Mis-configuration – a common mistake many organisations make when setting up their cyber security – including Microsoft!
We often find problems with client configurations when we take over jobs, particularly when less-technically-able client try to do-it-themselves. If anyone needs an example as to why getting things set up correctly is difficult, Microsoft made a mistake with a server config and exposed some of their client’s information: Microsoft …
Microsoft updates – not on Patch Tuesday
The issues with Microsoft’s Windows SSL/TLS handshake failures is too important to wait for next month’s Patch Tuesday: Microsoft fixes Windows TLS handshake failures in out-of-band updates (bleepingcomputer.com)
