Insights

Renewed attacks have begun on SMS services around the globe, making SMS 2-Factor Authentication an unsuitable option for authentication. For $16 USD, an individual can sign up for a service that will intercept a target phone number's SMS messages and send the messages to the number of their choice - as long as the individual is willing to provide a signed "Letter of Authority" in which they promise to be the owner of the said phone number. Platforms such as Sakari are actively being used to breach online accounts containing sensitive information, such as banking and health data. In previous years, attacks targeting Ultra-High Net Worth and Highly-Visible individuals have greatly increased. In July 2020, Graham Ivan Clark brazenly hacked into social media accounts belonging to President Joe Biden, former President Barack Obama, Elon Musk, Kanye West, Bill Gates, Jeff Bezos, Mike Bloomberg, Warren Buffet, Floyd Mayweather, Kim Kardashian, Apple,…

This month is Women's History Month with a dedicated day of March 8th being International Women's Day. As a woman who has been appreciating the women that have come before her and honoring them each day, I don't need a set time to remember them. I think this month needs to be utilized as an opportunity to teach. I think that the young girls and women in schools need to be shown examples of women who have made major contributions in areas where just a few years ago there was nothing. We need to empower those coming up behind with the knowledge that they can succeed in any area they choose and may one day be the first female to hold that position. We need to use this time to invest, encourage, and mentor. It's our chance to make sure that 30 years from now there are no specific gender…

"Microsoft Corp. today released software updates to plug four security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The company says all four flaws are being actively exploited as part of a complex attack chain deployed by a previously unidentified Chinese cyber espionage group." - Krebs This vulnerability is remotely exploitable and does not require authentication of any kind, nor does it require any special knowledge or access to a target environment. The attacker only needs to know the server running Exchange and the account from which they want to extract e-mail. "Hafnium primarily targets entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs," Microsoft said. "HAFNIUM has previously compromised victims by exploiting vulnerabilities in internet-facing servers. Once they've gained access to…