We learned that MFA or 2FA (Multi or Two factor Authentication) is better than just a username and password to authenticate as all security people keep drumming into everyone right? Just to review MFA is a second form if authentication where the first form is a username and password. The second form can be a … Read more
Not just Uber but anyone with a cloud account has an admin account which is susceptible to social engineering hacks. (portswigger article link below) Google example: https://support.google.com/a/answer/57919?hl=en This article is for Google Workspace administrators who manage Gmail accounts for a company, school, or other group. To manage your personal Gmail account, go to the Gmail … Read more
1. The BackupBuddy plugin needs to be updated as it has a critical flaw. 2. If one allows the pingback feature (which tries to notify the blog that a someone linked to it) or notifies another blog that got linked to. It is about a service that notifies when blogs link and get linked. If … Read more
It is September 5th, 2022 and probably as good a time as any to re-evaluate where we are with a general Attack versus Defense analysis: Attackers: Only need to find one problem in defense to overcome and take advantage of to breach a system or network. Once the system is found that can be overtaken … Read more
As written on their Blog (https://blog.lastpass.com) as of August 25th: “Two weeks ago, we detected some unusual activity within portions of the LastPass development environment. After initiating an immediate investigation, we have seen no evidence that this incident involved any access to customer data or encrypted password vaults. “ Essentially they found a developer machine … Read more