CISO.pm – Cyber Security news and opinion

The Domain Registration Renewal Scam

One of the domains we own and use received the following notification – actually through the Contact Us form on the website, CAPTCHA and all. The formatting is down to how the online form is…

Stupid Password Requirements

Or lack thereof. Some recent experience has resulted in the creation of some accounts on certain SaaS HR recruiting platforms, namely Successfactors and Taleo. As a long-time user of password manager solutions (presently Bitwarden), I…

Best Browser Configuration

Introduction: For any user, there are functional requirements of a browser as well as certain privacy and tracking requirements (certainly for the “Haves” accessing the Internet!!). Some functionality can be added as Extensions or Add-ons…

The Canary in the Cloud

OpenCanary 2.0 in Oracle Cloud continues to flourish. The main reporting mechanism is a webhook into Loggly from SolarWinds and it gives an overview of the connection attempts to the Canary along with the ports,…

The LastPass Hack

Background: LastPass revealed in December 2022 and in August 2022 that they had been hacked. The two incidents are absolutely related as the criminals who lifted the LastPass customer vaults in December got the secrets…

DHL Phishing Campaigns

As reported by Check Point in October 2022, DHL is the brand most imitated by criminals attempting to phish credentials and payment information during Q3 of 2022. The scam typically dupes the victim into paying…

Fiction: Sarah’s Security Incident

A ChatGPT Story: It was a typical Wednesday morning when Sarah, the IT manager at a small energy company, received the alarming call from her boss. One of the company’s accounts had been hacked, and…

My First Security Incident

It would have been 1993, most likely the summer. There I was, working my first job which was Desktop Support at a Life & Pensions company in Reading, England. Background: The building I was focused…

Finding a Brother MFD Password

We have a well-equipped home office and of course, in that office, we have a combi-device – printer, scanner and a fax machine (hey, they were popular once!). I installed Nessus Essentials to scan my…

Data Loss Prevention – according to ChatGPT

With ChatGPT being released to public beta recently, I decided to engage with it on the topic of Data Loss Prevention. Here’s what I requested: write a 1000 word essay on why data loss prevention…
