#One Time Verification Code

Not an email from a hacker + no new breach Always change your password from the official website + have Multifactor Authentication on

149 Million Passwords LEAKED A massive data breach has exposed 149 million credentials from Gmail, Instagram, and Facebook. Discovered by Jeremiah Fowler, this info-stealer malware leak is critical—check your security now. #databreach #gmail #meta

⚠️ Most Microsoft 365 breaches aren't sparked by fancy zero-days. They start with the basics you've been postponing: security controls stuck in "report-only" mode for months (or years). Conditional Access policies written, tested... then left gathering dust in audit/report-only instead of enforced. Attackers love this limbo. (2/4) Legacy authentication protocols (Basic Auth, POP/IMAP, etc.) still enabled. These bypass MFA entirely—prime targets for credential stuffing, password spray, and brute-force. Microsoft has templates to block them, but many orgs delay enforcement after seeing "impact" in report-only logs. Result: AI-automated attackers scan and exploit these open doors in seconds. No exploit dev required. (3/4) High-privilege app registrations & service principals with excessive permissions sitting untouched. Dormant for years, never audited. One compromised credential → full tenant access via Graph API or whatever the app can reach. Add in unpatched Conditional Access drift (outdated locations, exclusions, no device compliance checks) and you have a perfect storm. Your backlog = their automation advantage. (4/4) Bottom line: Move critical CA policies from report-only → enforced (start small, pilot groups). Block legacy auth NOW (use Microsoft's built-in template). Audit & revoke over-privileged apps/service principals. Enable MFA everywhere—no exceptions. AI won't break M365. Your postponed security hygiene will. Fix it before the next alert is a breach notification.

149 MILLION login credentials just leaked. 48 MILLION Gmail accounts exposed. The database wasn’t encrypted. It wasn’t protected. It was just… open. If your email is compromised, hackers can reset passwords, access business tools, and take control of your accounts. This isn’t just personal. Businesses using Gmail and cloud platforms are at serious risk. Change your password. Enable 2FA. Monitor activity. Or let ESSC handle it with 24/7 monitoring and proactive threat protection. 🔐 Stay ahead. Stay secure. #CyberSecurity #GmailBreach #DataLeak #BusinessSecurity #CloudSecurity #CyberAwareness #ESSC #InfoSec #PasswordSecurity #technews

‼️ If you follow these steps, you’re installing this malware. The trick here is that nothing happens unless you paste and run the code yourself. The full breakdown is on YouTube, especially worth watching if you’re big on privacy tools. ▶️ Link in our bio.

Most account takeovers start with something basic. A reused password. ⠀ Cloudflare found that about 41% of successful human login attempts involve leaked credentials. In other words, if you reuse passwords, attackers do not need to “hack” you, they just try what already leaked elsewhere. ⠀ So I built a free tool to make the safe option the easy option: ⠀ NewPasswordGenerator.co.uk ⠀ What it does (all in your browser, no sign-up): ⠀ ✅ Password generator with length control, character sets, and options to exclude ambiguous characters. ⠀ ✅ Passphrase mode (3 to 6 words), with separators and optional caps, numbers, and symbols. ⠀ ✅ PIN and passcode tools, including an optional PIN risk map inspired by Nick Berry’s DataGenetics research into real-world PIN choices. ⠀ ✅ Strength checker that explains entropy, flags risky patterns (runs, repeats, keyboard walks), and estimates crack time. ⠀ ✅ Optional breach check using the Pwned Passwords range method, off by default. ⠀ ✅ Privacy-first by design: generation and checks happen locally, the tool works offline, and there is no analytics, cookies, or tracking. ⠀ Why the PIN bit matters ⠀ Nick Berry analysed 3.4 million leaked 4-digit PINs. “1234” alone was 10.7%, and the top patterns cluster around repeats, simple sequences, and dates. If your PIN “looks human”, it is often predictable. ⠀ If you want one upgrade today: ⠀ - Use a unique 16+ character password per site, ideally stored in a password manager. ⠀ - Use a longer passphrase where you must type from memory. ⠀ - Use alphanumeric device passcodes where supported, and avoid date-like PINs. ⠀ Turn ON MFA or passkeys wherever you can. ⠀ Link in the comments. ⠀ #CyberSecurity #OnlineSafety #PasswordSecurity #DataProtection #UK

Watch a tense 30‑second scenario where a crook tries to steal your password via phishing and social engineering—until a second factor stops them cold. Realistic attack vectors shown: credential capture, OTP phishing, and session-bypass attempts. Quick, punchy, and packed with actionable takeaways for account security. Learn why true 2FA/MFA (different factors like password + TOTP/hardware key) matters, how attackers exploit weak recovery and OTP brute-force, and simple steps to harden your accounts. If this helped, please like and share to warn others. Lesson learned: timber — enable 2MFA if available within your account. #2FA #MFA #Phishing #AccountSecurity #CyberSentinel

Your password is probably in a leaked database right now. We built a free tool that shows you: → How fast it can be cracked → If it’s been leaked in a breach → Exactly how to fix it Tested the most common passwords: ❌ password123 — cracked instantly ❌ John1990 — 2 seconds ⚠️ Summer2024! — 3 hours ✅ purple-monkey-dishwasher — centuries Length beats complexity. Every time. Test yours free → soemailsecurity.com (link in bio) #cybersecurity #passwords #hacked #infosec #dataprivacy

Upgrade from basic MFA to phishing-resistant credentials with passkeys, so attackers can’t exploit stolen codes or credentials. Get started with Microsoft Entra ID. https://youtu.be/36nIaSBJ7_U Secure sign-in across all your devices without relying on passwords or extra apps using passkeys in Microsoft Entra. Register, sync, and use passkeys with just your device’s camera and biometrics, making authentication seamless, fast, and phishing-resistant. As an admin, control who uses which passkey type, streamline recovery with Verified ID, and automatically remediate risk in real time. #SyncedPasskeys #microsoftsecurity #azureactivedirectory #microsoftentraid #entra #microsoft

🚨 BIG ALERT from Microsoft! ⚠️ Hackers are cleverly abusing OAuth redirect tricks to sneak malware straight past email + browser defenses 😈 Phishing emails lure victims (especially government & public sector targets 🎯) into clicking links that look totally legit → redirect through trusted Entra ID / Google domains → boom! → malware drops via sneaky ZIP files, PowerShell loaders, and DLL sideloading 💥 No token theft needed — just silent redirection to attacker-controlled evil sites 🕸️ Microsoft already killed some malicious OAuth apps, but similar attacks are still active → ongoing monitoring required! 🔍 Stay sharp, check those links twice, tighten app consents & watch redirect URIs! 🛡️

Microsoft has removed passwords on Entra ID. Saved passwords in Authenticator are now also gone and moved to Edge. If you're using passkeys for work or school, double-check your settings! Microsoft just joined FIDO Alliance for the first-ever World Passkey Day, signalling their move towards a passwordless environment. Learn more: https://link.msgsndr.com/sp/9a08649cd42 #CyberSecurity #Passkeys #Microsoft #Passwordless #TechNews #MicrosoftAuthenticator #TechUpdate

149 Million Passwords Leaked: Is Your Account Safe? A month-long security breach has exposed credentials for Facebook, Instagram, TikTok, and even banking apps. Experts warn that these leaks are now "routine," meaning your data is likely already out there. The domino effect of a compromised email can lead to total financial takeover. * 🔍 Scan devices for malware first * 🔐 Use unique passwords for every site * 📲 Enable MFA on all critical apps * 💾 Adopt a password manager 👉 Read the article and see our sources at vp.net/blog or copy/paste: https://s.vp.net/ol8An