I will repeat my warning again this video contains some adult content and humour so do not watch it if you are easily offended. For the rest of us, this video by John Oliver on his Last Week Tonight show is a great explanation about ransomware – if you have …
Back to Basics – The Collection II
This week the Wednesday Bit is for reminding you about my collection of mini-series and back to basics cyber security primers. There have been a number of additions, updates and changes since I first ran a “Collection” article. Why am I doing this? Because we can all benefit from some …
Threat actors target MFA
Whatever you read here in a few moments – it is my opinion that MFA (Multi-factor authentication) still remains a key tool in protecting your team’s credentials and defending your information. MFA under attack There have always been weaknesses in and attacks against, some very simple such as just annoying …
Back to Basics – The Collection.
This week the Wednesday Bit is about is highlighting some of the mini-series and back to basics cyber security primers I have written. Why? Because yesterday when I was speaking with a long-term client about password hygiene in their organisation, they were unaware I had a Password Primer they could …
Phone number recycling
Here is something new to think about: Meta brushes off risk of account theft via number recycling • The Register I must admit I had never thought about this type of leak in a cyber security plan. I am not sure how relevant this is in the UK, but it …
If Microsoft can get it wrong…
It has emerged that senior executives at Microsoft had their emails hacked and monitored by Russian threat actors for nearly 2 months. Microsoft network breached through password-spraying by Russian-state hackers | Ars Technica The attack was not sophisticated. The threat actors – Midnight Blizzard – using nothing more than a …
Unsolicited MFA prompts
Last Wednesday I published my MFA Primer series and part two looks at this type of cyber attack against multi-factor authentication. In brief when the threat actors have a valid set of credentials they repeatedly try and access the service with them, generating multiple MFA requests to your authenticator app. …