Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now
June 15, 2021 Stu Sjouwerman

New BEC Phishing Attack Steals Office 365 Credentials and Bypasses MFA

Leveraging Microsoft Exchange’s Basic Authentication support, scammers were able to use harvested online credentials and bypass any MFA in place, giving them access to mailboxes.

March 22, 2021 Roger Grimes

Many Ways To Hack MFA

I have spent a lot of time thinking about how to hack multifactor authentication (MFA) solutions. I have done so my whole career, deploying dozens, if not hundreds, of MFA projects. Also, ...

March 16, 2021 Roger Grimes

6 Advanced Email Phishing Attacks

No matter how good your policies and technical defenses are, some amount of phishing will get to your end users in a given month. They must be trained to recognize social engineering ...

March 8, 2021 Roger Grimes

The Good, the Bad, and the Ugly About MFA

I have been in computer security for over 34 years now. Yeah, even I cannot believe how long it has been. I have been a penetration tester over 20 of those years and worked on dozens of ...

March 2, 2021 Stu Sjouwerman

[On-Demand Webinar] Hacking Multifactor Authentication: An IT Pro’s Lessons Learned After Testing 150 MFA Products

Multi-Factor Authentication (MFA) can be a highly effective way to safeguard your organization’s data, but that doesn’t mean it’s unhackable. And nobody knows that better than ...

March 1, 2021 Stu Sjouwerman

[HEADS UP] New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data

The Dutch Data Protection Authority (AP) recently measured the number of reports of data theft in 2020 and the number of attacks skyrocketed. The report documented that it increased no ...

December 23, 2020 Roger Grimes

How Can You Be More at Risk With MFA?

In my recent comment on the Solarwinds’ cyber attack, I made the claim that using multifactor authentication (MFA) can sometimes make you more at risk than using a simple login name and ...

December 16, 2020 Roger Grimes

Solarwinds MFA Bypass Attack Pushes Limits

Excellent, long-time, tech reporter Dan Goodin reported in Ars Technica that the recent Solarwinds’ supply chain attack involved hackers bypassing a popular multi-factor authentication ...

December 14, 2020 Javvad Malik

5 Tips For Consolidating Remote Work Tech Debt

In 2020, nearly every organisation embraced remote working to some extent or another. For some, the transition was smooth and easy, as they already had a mobile workforce and were largely ...

December 3, 2020 Stu Sjouwerman

Think Tanks Targeted by APT Actors

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a joint advisory warning that nation-state advanced persistent threat (APT) actors are targeting US ...

Subscribe

Subscribe To Our Blog

Human Ready. AI Ready. One Plaform.

Posts By Topic

View all topics >