Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now
May 5, 2022 Stu Sjouwerman

Microsoft is Leading the Way to a Password-Less Future

As we observe World Password Day to create awareness around the need for password security, Microsoft is looking for frictionless ways to eliminate passwords entirely.

April 18, 2022 Stu Sjouwerman

“Being Annoying” as a Social Engineering Approach

Attackers are spamming multifactor authentication (MFA) prompts in an attempt to irritate users into approving the login, Ars Technica reports. Both criminal and nation-state actors are ...

March 28, 2022 Roger Grimes

Making Better Push-Based MFA

I used to be a huge fan of Push-Based Multifactor Authentication (MFA), but real-world use has shown that most of today’s most popular implementations are not sufficiently protective ...

February 17, 2022 Stu Sjouwerman

Scammers Use a Mix of Stolen Credentials, Inbox Rules, and a Rogue Outlook Client Install to Phish Internal and External Victims

Organizations that are not using Microsoft’s multi-factor authentication are finding themselves victims of credential attacks that involve threat actors installing Outlook on a controlled ...

February 3, 2022 Roger Grimes

The 4 Things You Should Be Doing Right Now To Best Improve Your Cybersecurity

The key to really good cybersecurity is to concentrate on just 4 things. Master them first before you begin to try and do the other hundreds of things that everyone else is going to tell ...

October 20, 2021 Roger Grimes

U.S. Government Says To Use Phishing-Resistant MFA

The U.S. government has been pushing people to avoid SMS- and voice call-based multi-factor authentication (MFA) for years, but their most recent warning is to avoid any MFA that is ...

October 3, 2021 Stu Sjouwerman

Hackers rob thousands of Coinbase customers using phishing attacks and an MFA flaw

Bleepingcomputer was first to report: "Crypto exchange Coinbase disclosed that a threat actor stole cryptocurrency from 6,000 customers after using a vulnerability to bypass the company's ...

August 18, 2021 Stu Sjouwerman

Can the Microsoft 365 Platform Be Trusted to Stop Security Breaches?

Lax security policies, a lack of security measures and solutions in place, and an expectation that Microsoft will address any security issues is putting organizations at risk.

August 10, 2021 Stu Sjouwerman

Cyber Insurance Industry Wrongly Hedging Its Bets on MFA

Because of ransomware attacks, I have been covering the cybersecurity insurance industry for a few years, including here. I even have a whole chapter dedicated to cybersecurity insurance ...

June 21, 2021 Stu Sjouwerman

Credential Stuffing in the Travel and Retail Sectors

The travel and retail sectors are the top targets for credential stuffing attacks, according to Auth0’s State of Secure Identity report. Credential stuffing is a type of brute-force ...

Subscribe

Subscribe To Our Blog

Human Ready. AI Ready. One Plaform.

Posts By Topic

View all topics >