I was quoted in this article. It’s always awesome to get quoted. 🙂

https://www.infosecurity-magazine.com/news/microsoft-phishing-campaign-mfa/
I was quoted in this article. It’s always awesome to get quoted. 🙂
https://www.infosecurity-magazine.com/news/microsoft-phishing-campaign-mfa/
I was quoted in good ‘ol ‘El Reg today. It’s cool to see myself quoted on a page I read every morning as I started the day.
This big phish can swim around MFA, says Microsoft Security
I was quoted here about this MFA bypass technique
In this episode, Erich and Javvad talk about fake copyright infringement emails, Carnival cruise line is fined $5 for not having MFA, A Dutch univeristy makes money off a paid ransom, unemployment payments taken offline by ransomware and more.Â
Stories from the show:
Fake copyright infringement emails install LockBit ransomware
https://www.bleepingcomputer.com/news/security/fake-copyright-infringement-emails-install-lockbit-ransomware/
Cruise line operator Carnival hit with $5m fine for failing to implement multi-factor authentication and failing to conduct cyber security training for its staff.
https://www.itpro.co.uk/security/cyber-security/368362/carnival-hit-with-5-million-fine-over-cyber-security-violations
Dutch University retrieves Bitcoin ransomware payment and makes a profit
https://www.theregister.com/2022/07/05/maastricht_university_ransom_return/
Cyberattack shuts down unemployment, labor websites across the US
https://www.theregister.com/2022/07/01/gsi-cyberattack-state-unemployment/
Supermarket chain Wegmans settles with New York over data breach
https://www.reuters.com/business/retail-consumer/supermarket-chain-wegmans-settles-with-new-york-over-data-breach-2022-06-30/
Google Updates Password Manager With New Security, Management ToolsÂ
https://uk.pcmag.com/password-managers/141268/google-updates-password-manager-with-new-security-management-tools
Microsoft rolls back decision to block Office macros by default
https://www.bleepingcomputer.com/news/microsoft/microsoft-rolls-back-decision-to-block-office-macros-by-default/
Â
In this episode, Javvad and Erich chat about Alexa bringing voices from the dead, CISA getting serious about Log4Shell, AI being alive and much, much more.
Stories from the show:Â
CISA: Log4Shell exploits still being used to hack VMware servers
https://www.bleepingcomputer.com/news/security/cisa-log4shell-exploits-still-being-used-to-hack-vmware-servers/
Conti ransomware hacking spree breaches over 40 orgs in a month
https://www.bleepingcomputer.com/news/security/conti-ransomware-hacking-spree-breaches-over-40-orgs-in-a-month/
Google engineer put on leave after saying AI chatbot has become sentient
https://www.theguardian.com/technology/2022/jun/12/google-engineer-ai-bot-sentient-blake-lemoine
Alexa could soon speak in a dead relative’s voice
https://www.npr.org/2022/06/23/1107079194/amazon-alexa-dead-relatives-voiceÂ
It’s always cool to be quoted. This time it was about Microsoft 365 users and how they are being targeted by voicemail-themed phishing attacks.
https://www.darkreading.com/remote-workforce/microsoft-office-365-users-raging-spate-attacks
Here is another publication that picked up my quote about Microsoft 365 credential phishing via phishes that appear to be realted to voicemails.
https://www.techrepublic.com/article/targeted-voicemail-phishing-attacks/
It’s always cool to be quoted in an article. This one was about an ongoing vishing campaign using voicemail notifications to steal credentials. An old tactic, but very effective.
https://threatpost.com/voicemail-phishing-scam-steals-microsoft-credentials/180005/