Cybersecurity Starts in the Boardroom
Microsoft has been monitoring and seeing an increase in attacks using malicious OAuth applications, installed on compromise cloud servers that then facilitate mass spamming from Exchange Online servers. Malicious OAuth applications abuse cloud email services to spread spam – Microsoft Security Blog The attack started with the threat actor launching …
Continue reading “Mass spamming starts with no MFA and credential stuffing”
…with great power there must also come — great responsibility! Stan Lee – Amazing Fantasy #15 (1962) A company with little accountability can blacklist your organisation’s email servers and not tell you why – and your hosting company pays for the privilege: Sp*mh**s warns email hygiene has worsened • The …
Continue reading “Is your email server blacklisted? The Peter Parker Principle.”
This was going to be a “weekend read” but I thought it was important enough to be part of the main news feed. For an email phishing scam to work it has to, in some way, make you trust it. This exploitation of your trust is called social engineering and …
Continue reading “Email scams – how hard is it to spot them?”
There has been a big increase in spam because of the COVID-19 pandemic. Here is a radio programme going into the history, background and modern use of Spam. Not quite what you expect… https://www.bbc.co.uk/sounds/play/m0016wwx
It is always good to know the latest ways hackers are trying to deceive you. An obvious way to make you feel comfortable with their junk email is to make it look like a legitimate security tool report. Here is a good example reported by SANS Internet Diary of just …
Continue reading “More phishing spam – education is the best defence”
