He/Him. Microsoft MVP and GitKraken Ambassador. 🌏 Poshsecurity.com. 🏳🌈 Gay. 🐱 Cat owner.
All tagged security
A recent Bleeping Computer article reported that email security company Proofpoint, had observed a massive increase in credential spraying attacks that target Office 365 and G Suite. These attacks leverage legacy email protocols (IMAP) and credential dumps to bypass the multifactor controls provided by these platforms.
Last weekend I spoke at CrikeyCon VI. I am always excited to attend and present at CrikeyCon, the attendees are fantastic and overall the organisers have created an amazing conference ❤.
I forgot to post in December that the video from my NDC Sydney session, The Boring Security Talk, is available on YouTube and Vimeo.
In January, the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) took the unusual step of issuing an emergency directive (EN 19-01) about Mitigating DNS Infrastructure Tampering. Several days, the National Cyber Security Centre (NCSC) which is part of the UK Government Communications Headquarters (GCHQ) also issued an alert on DNS Hijacking activity.