Kicksec Blog: News, Opinions and more (or less)

All opinions on this blog site are those of the writer alone and should not be taken as advice without reviewing other sources of information regarding the topic of cyber resilience in industry.

  • When to Microsoft Sentinel and when to just XDR!

    When to Microsoft Sentinel and when to just XDR! Microsoft security is a topic close to my heart, there are a lot of advanced topics out there so why not go simple I say. Today I want to discuss when Microsoft Sentinel is the right choice for your client's business and some tips and trick…


  • Total Tools Totally messed up – Credit card details stolen for 30k customers

    Total Tools Totally messed up – Credit card details stolen for 30k customers have been stolen in a Cyber security breach for the ages. This article is my opinion and is based on the information that has been presented so far, as I have not completed the Incident Response for Total Tools I can not…


  • Social Media scamming – looking out for yourself and others

    I have written this blog post to try and help people avoid scams, it may be overly detailed so I hope that the content is useful in stopping someone from being the victim of a scam. Social Media scamming – looking out for yourself and others, it is no secret that today (tomorrow too!) there…


  • Add AI to cyber security software, just because….

    Add AI to cyber security software, just because…. Not calling out any particular vendor here, but calling out the fact that it has required a marketecture shift to AI is the new snake oil for a vendor to adopt an old technology, Bayesian Machine Learning is nothing new, more details are here about Bayesian ML…


  • Safeworlds TV Scam is finally being uncovered

    Safeworlds TV Scam is finally being uncovered, several years ago I was introduced to an opportunity that seemed “too good to be true”, a chance to ‘invest’ (invest is a term I will come back to) in the next big thing, bigger than Google and YouTube, bigger than eBay (in 2013), larger than Amazon and…


  • The fallout, Indonesian Ransomware incident 2024

    The fallout, Indonesian Ransomware incident 2024, depending on how you look at this it is a bit of a disaster, because rather than simply resolve the problem – it is very likely that the Indonesian Government will want to decentralise their data to avoid any ransomware incident in the future affecting such a large swath…


  • AI the biggest hype bubble for 2024

    AI the biggest hype bubble for 2024 If you are not already aware of the fact that AI is going to take your job and then subsequently take over the world, then you are living under a rock. Before that time (the end of the world) though there are a plethora of opportunities for you…


  • ASD8 – Implementing Australian Signals Directorate Essential Eight with Microsoft

    ASD8 – Implementing Australian Signals Directorate Essential Eight with Microsoft. Introducing ASD8 and Microsoft The Australian Signals Directorate has been a frontrunner in creating, guiding and improving the cyber security posture of Australian Government and non-government entities, through the Essential 8 cyber security controls which I have previously covered here and here are critical…


  • A man, a Goat, and a Boat meets generative AI

    A man, a Goat, and a Boat meets generative AI Ask a Large Language model the question, “A man is walking with a goat and they come to a river with a small boat on their side. How can they get across the river?” The answer that is generated is not the sensible answer, being…


  • Ticketmaster – When a third party supplier breach is not what it appears

    Ticketmaster – When a third party supplier breach is not what it appears. As many of us learnt whilst growing up, most of the time obfuscating facts to portray yourself in a brighter light actually creates a bigger problem. Now as an adult I am not going to have my parents tell me off but…


  • Kicksec’s Data has been breached – again

    Glossed over the email from Firstmac on Friday, reporting that my data has been gathered in a “limited” cyber security breach of their systems, limited nowadays includes sensitive citizen data clearly.


  • Microsoft Copilot for Security Ninja Now operating and at your service!

    Microsoft Copilot for Security Ninja Now operating and at your service I recently completed my Microsoft Copilot for Security Ninja training, now I’m ready for those Security copilot conversations with Partners and customers….. of course this is not true! I am but a mere amateur. I do have the ‘certificate’ but I am no expert…


  • LogRhythm, Exabeam, Splunk, QRadar, Palo Alto …. arrr

    LogRhythm, Exabeam, Splunk, QRadar, Palo Alto …. large cyber security acquisitions are happening to the left, to the right and straight ahead too, what is going on and why is this occurring? For those 15 of you who have not read the news yet, here it is: LogRhythm and Exabeam join forces, Splunk is acquired…


  • NSW Clubs – Impacted by Breach of customer data

    NSW Clubs – Impacted by Breach of customer data Another Australian business affected through a 3rd party cyber incident, though in the linked article (at the footer of this post) great pains are taken to explain that it is not their own systems but rather a 3rd party, yet who owns the data that has…


  • Microsoft Office Macro security – Are you covered?

    Microsoft Office Macro security – are you covered? Microsoft Office macros are an amazing way to automate and script many parts of a business process, sometimes directly on an Office document, Spreadsheet or PowerPoint but also for interacting with third party data, the operating system and more, which is also why the recommendation today in…


  • AI devices currently, nothing but “hot Air”

    AI devices currently, nothing but “hot Air”, problems with what is possible with our voice, conflicts with the ideas of start up founders to make money. Mr Who’s The Boss, a YouTube influencer and content creator summarised this with another AI device vying for our wallets here very succinctly. If you plan to buy this…


  • Consulting Integrity

    Consulting with Integrity is critically important in my industry of Cyber Security, there are many consultants preaching to be what they are not, “knowledgeable” people. The Cyber security industry is full of vendors and sellers trying to position security tooling as a solution to a cyber risk problem. I want to share a recent story…


  • A picture is not always worth a thousand words

    A picture is not always worth a thousand words, cyber security vendors please take note Question: When is a picture NOT worth a thousand words? Answer: When it has no context Just like my photo, it has no context and therefore would be of little interest to anyone who wasn’t on the same trail with me…


  • From Backup to resilient cyber security

    In the Beginning From Backup to resilient cyber security: Best practices for Information Technology such as “Least privilege access”, “Admin account segregation”, “Operating system patching”, “Multi-factor authentication”, even “Patching and updating applications” have been around for many years, undertaken as ritual by many Information Technology departments within businesses across Australia as best practice maintenance, without…


  • Four actions for protection with Microsoft Defender for Endpoint

    Four actions for protection with Defender for Endpoint: Originally written by myself for Crayon and sharing here to help other organisations move past Endpoint Detection and response into preventative technologies to improve your security posture. Introduction Often I am asked the question, “Why should I use Defender for Endpoint, I use product ‘X’ and Product…

