Cybersecurity Starts in the Boardroom
Once ransomware gets into an organisation, usually through some type of phishing attack, that organisation will have a problem that will cost it money and will damage its reputation. So, anything that makes it easier for ransomware attacks to flourish and increase has to be bad news for every organisation …
Continue reading “It is a while since I have written about Ransomware”
First let’s get a definition of social engineering: Social engineering is the art of manipulating people to give up confidential information. The types of information compromised can vary, but when organisations are targeted, the criminals are usually trying to trick you into giving them your credentials for secure systems you …
Continue reading “Social Engineering is real and costs organisations money – get your team trained.”
Authentication, Authorisation and Accountability (AAA) and The Principle of Least Privilege (PoLP) come together in this primer to give you a basic understanding of the importance of knowing who is accessing your information and how much they can access. Another important idea covered here is what happens when something goes …
It is never a good cyber security story, when I read there is a security issue with SharePoint – I have written many cyber security plans that depend on the integrity of Microsoft and SharePoint. New SharePoint flaws help hackers evade detection when stealing files (bleepingcomputer.com) Audit logs are a …
Continue reading “SharePoint – More pain for Microsoft but we still have a free gift for you…”
For those of you of a certain age, do you remember when we went from plain text email to rich content html emails? Of course, by rich content I mean some bold and italic text and some images! Here is a new attack using old technology – called Kobold Letters. …
