Cybersecurity Starts in the Boardroom
My article on one of the methods used by threat actors to erode our faith in multi-factor authentication (MFA) was published over on CyberAwake yesterday: More on MFA and your risks when using it – CyberAwake
Last week I wrote about some of the issues with multi-factor authentication: On the same day that I published, The Register also ran an article looking at MFA issues. I am continuing my story next week, but Jeff Burt’s article is worth reading as the more you know about this …
Multi-factor authentication (MFA) is not perfect and it can be compromised by threat actors. However, we still stand by our advice to all our clients: Always use MFA – using and authenticator app – whenever it is available. I published an article yesterday on CyberAwake about some of the issues …
Continue reading “Did you know that multi-factor authentication can be defeated by threat actors?”
Whilst I have been away CISA has continued issuing useful advice. It added a Google Chromium vulnerability to the Known Exploited Vulnerabilities Catalog. Google Chromium is an open–source browser project and is behind many widely used browsers including Google Chrome and Microsoft Edge. CISA Has Added One Known Exploited Vulnerability …
Today there is an excellent illustration of how a phishing attack works on SANS Internet Storm. It is complete with the offer of something the victim wants and then simply steals the Microsoft credentials the victim supplies – all because of a well-crafted spam email. Credential Harvesting with Telegram API …
