Cybersecurity Starts in the Boardroom
Phishing email cyber-attacks have to be the most common cyber-attack directed at any organisation. Most are trying to get the victim to reveal their credentials, often for Microsoft 365. Every week I spend time with clients discussing or investigating phishing emails and helping them put systems in place to help …
I have written about three of the ways ransomware hackers can extort you in my Ransomware Primer Mini-Series: Now the ALPHV/BlackCat ransomware gang has come up with yet another method to get organisations to pay their ransoms. In the US there is a legal obligation for publicly traded companies to …
Continue reading “Yet another way for ransomware gangs to extort you”
I have published another part in my Back-to-Basics MFA Mini-series over on CyberAwake. What’s Wrong with MFA – CyberAwake
One of the things that came out of the conference I attended on Tuesday in London, was defence in depth, combatting the ways in which the threat actors have expanded their attack vectors and tactics to evade various modern technical and human defences. The message we should all take from …
I hadn’t, but the threat actors are now using ZPAQ files to distribute malware. A ZPAQ file is an archive file, like .ZIP and .RAR, it is open source and is used on a command line – so not something the average office-based user would need to know about or …
