We are privileged to have John O’Mahony, one of the keynote speakers from the Connect London 2023 conference, coming to speak to us, our clients and guests about how smaller organisations can now access corporate level 24/7 continuous cyber security – for a surprisingly low cost per head. John is …
What the “Principle of Least Privilege” does for you? (pt. 1)
This article follows on from last week’s Why the “Principle of Least Privilege” works and something for free…. If you want the something for free, then you had better read that article first! Let’s start with a simple definition. The Principle of Least Privilege (PoLP) is a fundamental concept in …
Continue reading “What the “Principle of Least Privilege” does for you? (pt. 1)”
Why the “Principle of Least Privilege” works and something for free…
The Principle of Least Privilege (PoLP) is a fundamental concept in cybersecurity. It ensures that users are granted only the minimum necessary access rights required to perform their job functions. This principle is one I always enforce in cyber security as it is a powerful way of defending the most …
Continue reading “Why the “Principle of Least Privilege” works and something for free…”
“View Document”
Sometimes a cyber-attack is something as easy as adding a button saying “view document” when whale phishing senior people in an organisation. Ongoing Microsoft Azure account hijacking campaign targets executives (bleepingcomputer.com) Your takeaway When was the last time you audited the credentials and associated authorisations of those credentials? If you …
Chrome gets updates
Google is always on the lookout for security issues Google Chrome and Chromium – many other browsers are based on this technology including Microsoft Edge so it is a rich target for threat actors if they can find a flaw to exploit. When those patches are issued you or your …