Cybersecurity Starts in the Boardroom
The US Cybersecurity and Infrastructure Security Agency has issued a joint advisory with the cyber security organisations from the UK, New Zealand, Netherlands and Canada listing ten regularly exploited weak security controls, poor configurations, and bad practices that allow threat actors to compromise networks. Here is the article: Weak Security …
Continue reading “CISA joint advisory on access control. Are you still missing MFA?”
Following my article on Monday here on Smart Thinking: The Guardian has a feature on on going passwordless which is worth reading: TechScape: Apple, Google and Microsoft are about to make passwords a thing of the past | Technology | The Guardian The effectiveness of “passwordlessness” (I just made that …
GitHub is a valuable resource to software developers and so it is a key tool being used in many software supply chains. And we now know how vulnerable we all are to software supply chain hacking – look at this example. So my response when I saw this was the …
Continue reading “GitHub to require 2FA for all users by end of 2023!”
We are always insisting that our clients always use multi-factor authentication (MFA) for absolutely every service they use. It is a prerequisite of any client we manage Microsoft 365 for that MFA is activated and enforced for everyone of their users. However, of course, there are ways that hackers exploit …
This article was first posted on 16 March 2022 Here is some good cyber security advice from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) regarding increased cyber threat activity from the Russia Ukraine conflict. “PrintNightmare” is an escalation of an MFA …
