I am frequently asked what I think of DropBox or other method for organisations to share files across the internet with other organisations, often after I have been speaking about Microsoft 365, OneDrive and SharePoint. Possibly after I have mentioned that these services that have, authentication, authorisation and accountability (AAA) …
Be very careful when you log-in online – things may not be what they seem
This browser-in-the-browser (BitB) is a technique for deceiving the user into thinking they are using a legitimate online login screen, such as when you log in to Microsoft 365 or Google Workspace. This browser-in-the-browser attack is perfect for phishing • The Register Behold, a password phishing site that can trick …
Continue reading “Be very careful when you log-in online – things may not be what they seem”
New Android malware – Escobar – stealing MFA codes among other secret data
Escobar mobile malware targets 190 banking and financial apps, steals 2FA codes | TechRepublic A version of this malicious software was found in circulation cloaked as McAfee software. This software is being offered for rent on the Dark Web so it could be used by multiple hackers who do not …
Continue reading “New Android malware – Escobar – stealing MFA codes among other secret data”
Guernsey sees an increase in phishing email cyber attacks – training is the best defence
According to the States of Guernsey islanders have faced a rapid increase in cyber attacks since the start of the Ukraine Russia conflict. This is based on information from a local cyber-security firm, who had a client hacked by phishing emails. Guernsey cyber-security warning for islanders and businesses – BBC …
There is no “one sentence solution” for defending yourself or your organisation against cyber attacks via email
The reason a “single sentence solution” is no defence is that the cyber criminals have exploited the natural human tendency to trust.