There has been a terrible series of earthquakes in Syria and Turkey – so expect the amount of scam traffic email, texts and websites to leap up in the coming days as the scammers take advantage of people’s suffering and other’s compassion. This article by Johannes Ullrich has some very …
Practice Drinking Coffee* better known as Planning and Preparation
Sorry, this is not a coffee* appreciation article it is an article about planning and preparation for an incident. Planning and Preparation = Good Governance Businesses and organisations need a cyber security policy and a plan covering what they do to mitigate the risk of an incident and what they …
Continue reading “Practice Drinking Coffee* better known as Planning and Preparation”
Another Password Vault Under Attack
Following LastPass security issues, BitWarden has seen some traction as an alternative – especially as you could run your own BitWarden server – I wrote about that here. Now BitWarden (among other password vault software) has come under threat via a malicious Google Ads phishing campaign, where the threat actors …
Do you know what an Excel XLL file is? The hackers do.
An Excel XLL file is a an add-in file that allows third parties to add extra functionality to Microsoft Excel – pretty useful. But of course the threat actors have extended that third party functionality to include malware. Now, just like with macros, Microsoft is blocking XLL files, originating from …
Continue reading “Do you know what an Excel XLL file is? The hackers do.”
Close one door and another opens
I had an article published yesterday discussing the risks still posed by the Microsoft Office macro, even though Microsoft has tightened the security when using them: Microsoft Office Macros Are Still an Issue – CyberAwake But the threat actors do not stop there. Closing the macro attack vector sent the …
