CSO Magazine

JUNE 23, 2021

With the recent Colonial Pipeline attack , the initial infection point was reportedly an old, unused, but still open VPN account. The password had been found on the dark web rather than obtained via phishing , implying that it had been leaked or reused by a Colonial employee.

VPN 117

VPN Accountability Phishing Authentication 117

Security Through Education

OCTOBER 27, 2021

Connect to a secure network and use a company-issued Virtual Private Network (VPN). Social-Engineer, LLC saw an almost 350% increase in recognition of phishing emails when using a similar training platform in 2020. The National Cyber Security Alliance (NCSA) recommends these 8 simple tips for remote workers : Think before clicking.

Cybersecurity 137

Cybersecurity Social Engineering Firewall Engineering 137

Malwarebytes

MARCH 23, 2022

In an article on Okta’s website , CSO David Bradbury provided a timeline of the incidents which took place in January. Brute-force attacks against RDP are common , as is phishing, but LAPSU$ is also known to bribe insiders for access. Okta’s statement. The group has not explained how it got access to an RDP session.

CSO 106

CSO Engineering Passwords Cybercrime 106

BH Consulting

OCTOBER 15, 2023

It found the most common intrusion tactics are phishing emails containing malware, Remote Desktop Protocol (RDP) brute forcing, and exploiting Virtual Private Network (VPN) vulnerabilities. MORE Joe Sullivan, Uber’s CSO during its data breach, shares his perspective. MORE Have you signed up to our monthly newsletter?

Ransomware 52

Ransomware Data breaches CSO Cyber Attacks 52

The Last Watchdog

DECEMBER 14, 2023

Instead of arguing about MFA strength, VPN vendor, or nation-state treat actors, let’s finish our conversation about using dedicated administrator accounts and unique passwords. Richard Bird , CSO, Traceable AI Bird The bad guys are showing no restraint in exploiting API security weakness to their advantage.

Cybersecurity 235

Cybersecurity Risk Cyber threats CSO 235