credential stuffing Archives

Microsoft Teams Used in Social Engineering Attacks

Highly targeted phishing attacks have been carried out by the threat actor Midnight Blizzard, previously known as NOBELIUM, via Microsoft Teams. These attacks targeted a range of organisations including government and non-government organisations, IT services, technology businesses, manufacturing, and media companies. Through social engineering techniques Midnight Blizzard were able to achieve token and credential theft […]

Microsoft Teams Used in Social Engineering Attacks Read More »

LinkedIn Accounts Hijacked By Cyber Criminals

News, Vulnerabilities / Ian Reynolds

LinkedIn accounts have been targeted by attackers in hacking events that have led to users being locked out of their own accounts by LinkedIn, and unable to recover them through LinkedIn support. The cyber criminals conducting these account takeover attacks have pressured their victims into paying ransoms to recover their accounts under the threat of

LinkedIn Accounts Hijacked By Cyber Criminals Read More »

Key lessons from the 2021 Data Breach Investigations Report

Articles, Information Assurance / Ian Reynolds

The 2021 Data Breach Investigations report provides insights from the analysis of over 29,000 real world cyber security incidents from 2020 helping Security Managers track the evolving behaviour and tactics of threat actors. The Verizon Data Breach Investigations report has become a regular fixture on the annual cyber security calendar over the last 14 years.

Key lessons from the 2021 Data Breach Investigations Report Read More »

CISA Warns of Pass-the-Cookie attack

News / Ian Reynolds

The American CISA has warned they have detected ongoing attacks against several organisations cloud services. The alert from CISA states that: The Cybersecurity and Infrastructure Security Agency (CISA) is aware of several recent successful cyberattacks against various organizations’ cloud services. Threat actors are using phishing and other vectors to exploit poor cyber hygiene practices within

CISA Warns of Pass-the-Cookie attack Read More »

91% of targeted cyber-attacks start with email

News / Ian Reynolds

A report published by Barracuda Networks and researchers at UC Berkley which examines email compromise attacks at 111 organisations sheds light on how email is abused in cyber-attacks – often as the opening shot in the attack. The research reveals that 30% of the attacks were part of the emerging economy of ‘accounts for sale’

91% of targeted cyber-attacks start with email Read More »

Microsoft advises SIEM to help defend RDP

News, Tools, Uncategorized / Ian Reynolds

In a recent whitepaper, Microsoft provides advice on how to spot RDP attacks in Windows event logs while the attack is still underway. The paper titled: “Data science for cybersecurity: A probabilistic time series model for detecting RDP inbound brute force attacks” succinctly explains the risk posed by RDP servers when published to the internet:

Microsoft advises SIEM to help defend RDP Read More »

What is SIEM?

Articles, Information Assurance, Infrastructure / Ian Reynolds

Security Information and Event Management – SIEM – is the ability to collate and analyse events from across the network in real time in order to detect security incidents and attacks. Many organisations first encounter SIEM when it becomes a compliance exercise in order meet the requirements of a security framework such as PCI-DSS or

What is SIEM? Read More »

Credential Stuffing on the Rise

News / Ian Reynolds

In a recently published report on the state of the Internet security, Akami Research notes that they detected an average of 115 million credential stuffing attacks against their clients each day in 2018. Credential Stuffing is, according to OWASP: “the automated injection of breached username/password pairs in order to fraudulently gain access to user accounts.

Credential Stuffing on the Rise Read More »

credential stuffing

LinkedIn Accounts Hijacked By Cyber Criminals

Key lessons from the 2021 Data Breach Investigations Report

CISA Warns of Pass-the-Cookie attack

91% of targeted cyber-attacks start with email

Microsoft advises SIEM to help defend RDP

What is SIEM?

Credential Stuffing on the Rise

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch