We learned that MFA or 2FA (Multi or Two factor Authentication) is better than just a username and password to authenticate as all security people keep drumming into everyone right? Just to review MFA is a second form if authentication where the first form is a username and password. The second form can be a … Read more
Not just Uber but anyone with a cloud account has an admin account which is susceptible to social engineering hacks. (portswigger article link below) Google example: https://support.google.com/a/answer/57919?hl=en This article is for Google Workspace administrators who manage Gmail accounts for a company, school, or other group. To manage your personal Gmail account, go to the Gmail … Read more
1. The BackupBuddy plugin needs to be updated as it has a critical flaw. 2. If one allows the pingback feature (which tries to notify the blog that a someone linked to it) or notifies another blog that got linked to. It is about a service that notifies when blogs link and get linked. If … Read more
As written on their Blog (https://blog.lastpass.com) as of August 25th: “Two weeks ago, we detected some unusual activity within portions of the LastPass development environment. After initiating an immediate investigation, we have seen no evidence that this incident involved any access to customer data or encrypted password vaults. “ Essentially they found a developer machine … Read more
As per another Black Hat talk by a reporter: “IT industry guilty of ‘lack of imagination’ in failure to anticipate cyber-attack evolution” Kim Zetter gave a talk at BlackHat USA on August 11 about how the new attacks by cyber adversaries have caught the security community flat-footed. Zetter told Black Hat USA: “[Operation Aurora] was … Read more
