For those of you of a certain age, do you remember when we went from plain text email to rich content html emails? Of course, by rich content I mean some bold and italic text and some images! Here is a new attack using old technology – called Kobold Letters. …
More pain for Microsoft and something free for you
Hot on the heels of “New Outlook – Surveillance in the name of profit” comes a report from the US Government’s Homeland Security on how Microsoft handled the 2023 Exchange Online cyber attack. Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack (bleepingcomputer.com) Whatever Microsoft says about …
Continue reading “More pain for Microsoft and something free for you”
USB cyber-attack – Device Security (Pt. 4)
I thought I was done with device security for the time being – but then, of course, I got a question from a client. “What about USB drives?” Rather than write a completely new article let me reprint an article I wrote for CyberAwake looking at USB storage security – …
Continue reading “USB cyber-attack – Device Security (Pt. 4)”
You are vulnerable on both Android and Apple phones to this attack
I wrote about a phishing-as-a-service (PhaaS) earlier this week – Threat actors target MFA – here is another one that is active on both iPhones and Android phones. New Darcula phishing service targets iPhone users via iMessage (bleepingcomputer.com) One of the main cyber security issues with PhaaS is that relatively …
Continue reading “You are vulnerable on both Android and Apple phones to this attack”
Threat actors target MFA
Whatever you read here in a few moments – it is my opinion that MFA (Multi-factor authentication) still remains a key tool in protecting your team’s credentials and defending your information. MFA under attack There have always been weaknesses in and attacks against, some very simple such as just annoying …
