Cybersecurity Starts in the Boardroom
The latest release of Windows 11, now includes Enhanced Phishing Protection, which sounds complicated, and I am sure the implementation of it is complex, but the security advantage it offers is obvious and simple. Windows 11 will warn you when you type a password into an insecure website or application. …
When a threat actor compromises the coding of software the problems can be widepread – the SolarWinds attack and subsequent distribution of the infected software through legitimate update channels is a classic example. (Ironic but the SolarWinds customers who avoided the attack, were those with a poor cyber security stance …
Continue reading “Back to the supply chain and software compromise”
The original post was published on 16 September 2022 This is a real problem, no software or system should keep any security token in plain text, any time during operation. The user base for Microsoft Teams is in excess of 270 million users – we are part of that number …
The headline equally applies to the abuse of LinkedIn Smart Links: LinkedIn Smart Links abused in evasive email phishing attacks (bleepingcomputer.com) This is a feature in the LinkedIn Sales Navigator and Enterprise versions and allows packages of documents to be sent out and the metrics for the documents can be …
This is what cyber security can become. Not sure what it means? It means navel gazing – thinking about one thing to the exclusion of the wider picture. So what am I talking about? You have been sold anti-virus and a firewall, you’ve set the updates to automatic and have …
American Airlines had to write to customers to explain that personal data had been stolen through a cyber-attack – although they did state in the letter that there was no evidence of that personal data having been misused! I would like to see their evidence of that, because I think …
Continue reading “American Airlines data breach due to employee email accounts being compromised”
Following a breach of security of the international financial technology company Revolut, which was quickly dealt with by their security team, over 50,000 client accounts were compromised and information stolen. Although information such as, email addresses, phone numbers, account data and some limited credit/debit card data was stolen, PIN, detailed …
