Cybersecurity Starts in the Boardroom
Passwords are still an important part of everyone’s cybersecurity, whilst we wait for the passwordless society to come round. Here is a weekend read from Bleeping Computers looking at password strength: Cyber Awake | Train Your Team To Protect Against Cyber Attacks(opens in a new tab) The Benefits of Making …
Continue reading “Let’s talk about passwords again. Complex is king.”
Even someone like me and Dan Goodwin, who wrote the linked article – people who work in cybersecurity all the time. I’m a security reporter and got fooled by a blatant phish | Ars Technica It is worth reading to see what you are dealing with, when it comes to …
Continue reading “Phishing attacks are meant to deceive everyone…”
First see what I have to say about “sophisticated attacks” then we will get into this leak of personal information by an organisation that should have a reasonable spend on cyber-security! Twilio – a communications and phone company based in San Francisco – is reluctant to give away much information on …
Continue reading “Personal data leaked in another “sophisticated” attack”
Threat actors abused open redirects on the Snapchat and American Express websites to steal credentials for Microsoft 365 accounts. URL Redirection to Untrusted Site (‘Open Redirect’) (mitre.org) Get some training sop this does not happen to you, or worse, your team. Cyber Awake | Train Your Team To Protect Against …
Continue reading “Microsoft 365 credentials stolen through redirects”
News of these issues with the National Health Service (NHS) broke yesterday, but I decided to wait for the speculation to die down before reporting on something as important as an essential service we all rely on. The cyber incident impacted the NHS 111 service – not the emergency 999 …
