CVE-2023-23397: Microsoft outlook vuln
Read More: CVE-2023-23397: Microsoft outlook vulnCVE-2023-23397: Microsoft Outlook Vuln: elevation of privilege vulnerability leads to NTLM credential theft: Very quick and short post today, I have already been contacted today around mitigations for this vulnerability and wanted to get some quick steps out early incase your business is unsure how to check whether you are at risk. My post assumes…
101: Basic Security Posture for WordPress
Read More: 101: Basic Security Posture for WordPress101: Basic Security Posture for WordPress, WordPress is one of the most popular internet technologies in use today, as a tool for amateur and professionals wanting to blog, to sell, to consult or to do almost anything else, nothing comes close to the WordPress ecosystem for flexibility and extensibility – want to build a store…
101: Introducing Microsoft Defender for Endpoint
Read More: 101: Introducing Microsoft Defender for Endpoint101: Introducing Microsoft Defender for Endpoint, one of my favourite role functions is to talk with customers about Microsoft security, of course I like to speak about security in general as well but Microsoft do a really great job covering 80% of what organisations need from a cyber security perspective so I almost always start…
Microsoft Sentinel – reducing spend and log complexity first
Read More: Microsoft Sentinel – reducing spend and log complexity firstMicrosoft Sentinel – reducing spend and log complexity first, Microsoft sentinel is one of the easiest SIEM platforms to switch on and be usable without configuration. But the devil is in the details of what should be configured to ensure that the signal data being ingested is most useful, minimally duplicated and at the lowest…
Articles, As Secure As Practical, ASAP, Azure Active Directory, CISA, CISA Scuba, Defender for O365, Do something, SCUBA, Security Assessment, Security posture
Secure Cloud Business Applications – assess your security
Read More: Secure Cloud Business Applications – assess your securitySecure Cloud Business Applications, assess your security – Best of all it is at no cost and provides guidance on best practise security guidelines for business. When reducing the likelihood of a successful cyber attack we need to break down the approach into various elements, a security assessment such as the CISA SCUBA tool is…
Articles, ACSC, ACSC essential 8, Australian cyber security centre, Cyber risk, Cyber Security Framework, Zero Trust Network ArchitectureProtecting Australian Business from Cyber Crime
Read More: Protecting Australian Business from Cyber CrimeProtecting Australian Business from Cyber Crime, easy title to write and a topic beyond complex to implement for many small to mid sized businesses in 2022, Australia. The secret is that it is not complex to get started on a cyber security journey, it is easy to do the basics and reduce the risk of…
Articles, ACSC, ACSC essential 8, ASD, ASD 8, ASD essential 8, Australian cyber security centre, BreachAs Secure As Practical (ASAP)
Read More: As Secure As Practical (ASAP)As Secure As Practical (ASAP) – As Soon As Possible. In the past few months of 2022 in Australia alone there have been a number of significant cyber breaches across many of our major brand names and this terrible trend is poised to continue to get worse until such time as our organisations uplift their…
Articles, Microsoft Defender for Endpoint, Microsoft Defender for Endpoint Server, Microsoft Defender Vulnerability Management, Threat and vulnerability managementThreat and Vulnerability management
Read More: Threat and Vulnerability managementThreat and Vulnerability management, an absolutely essential part of security for your organisation. Though my dislike for statistics is known, SIXTY percent of breaches are claimed to be from unpatched software and though statistics may be guided by the authorising (paying) agency/vendor, it does not change the underlying seriousness that we all face with keeping…
Australian cyber security centre, Articles, ASD, ASD 8, ASD essential 8, JGES, Just good enough securityMichael Brooke presents the ASD essential 8 on Safari
Read More: Michael Brooke presents the ASD essential 8 on SafariMichael Brooke presents the ASD essential 8 on Safari; recently I had the opportunity to work with TechforGood, an organisation making a difference with Social organisations across Australia. I have two passions other than fishing and family (so four passions in total), these are: Cyber security, the field of cyber security is an industry where…
Carrots, sticks and Donkeys do improve cyber security, part 1
Read More: Carrots, sticks and Donkeys do improve cyber security, part 1Carrots, sticks and donkeys do improve cyber security, part 1. More specifically how to Use the ACSC recommendations to achieve cyber resilience augmented with what organisations are already doing well today. As most organisations in Australia already understand, the Australian Signals directorate Essential Eight is a list of 8, easy (definitely easy) steps to implement…
