Optus, Medibank and Latitude, YOU are responsible for your clients data
Read More: Optus, Medibank and Latitude, YOU are responsible for your clients dataOptus, Medibank and Latitude, YOU are responsible for your clients data Just the same as all businesses who hold sensitive personal information, you may not want to admit this but you are responsible for your clients data security where their sensitive data is stored on your platform. How do the above machines stay safe? From…
CVE-2023-23397: Microsoft outlook vuln
Read More: CVE-2023-23397: Microsoft outlook vulnCVE-2023-23397: Microsoft Outlook Vuln: elevation of privilege vulnerability leads to NTLM credential theft: Very quick and short post today, I have already been contacted today around mitigations for this vulnerability and wanted to get some quick steps out early incase your business is unsure how to check whether you are at risk. My post assumes…
Articles, ACSC, ACSC essential 8, ASD, ASD 8, ASD essential 8, Australian cyber security centre, Breach
As Secure As Practical (ASAP)
Read More: As Secure As Practical (ASAP)As Secure As Practical (ASAP) – As Soon As Possible. In the past few months of 2022 in Australia alone there have been a number of significant cyber breaches across many of our major brand names and this terrible trend is poised to continue to get worse until such time as our organisations uplift their…
0-day Atlassian Confluence vulnerability, no patch yet
Read More: 0-day Atlassian Confluence vulnerability, no patch yet0-day Atlassian Confluence vulnerability, no patch yet. Known as CVE-2022-26134 it was acknowledged by the Atlassian team on the 31st May 2022. Update 04/06/2022: patch for the Atlassian Zero day is available here. A quick google search for “Confluence wiki”, CSIRO pops up an already disabled confluence site, any attacker has much more capable tools…
Articles, Airlock Digital, Application Control, Breach, Cyber Security Framework, Endpoint Detection Response, EPP, Microsoft, Microsoft Defender, Microsoft Defender for Endpoint, Zero Trust Network Architecture, ZTNAFollina 0 day – Office lets the bad guy waltz right in, WRTF!
Read More: Follina 0 day – Office lets the bad guy waltz right in, WRTF!Follina 0 day – Microsoft Office Macro protection eaten for breakfast!, those of you who know me, know that I embrace Microsoft Defender as a security tool that is top notch, not just my view but the view of the analysts that report on cyber security as well, here for example with the Mitre Evaluations for 2022 where Microsoft Defender for Endpoint P2 shows its ‘chops’ and performs like the participants on “Dancing with the Stars”, not the ones who get booted early on, of course!
Lapsus$: Microsoft and Okta “breaches”
Read More: Lapsus$: Microsoft and Okta “breaches”Lapsus$: Microsoft and Okta “breaches”: When our children start being involved in masterminding cyber “breaches”, the methods change………. Microsoft and Okta were attacked in the same way as my 9 year old daughter uses when she wants more Roblox time……. 30-40 messages in short succession until I relent (or I put imessage into silent mode),…
CS Energy Breach
Read More: CS Energy BreachCS Energy in Queensland, Australia recently made the headlines when a breach was detected and thwarted before any harm was done to their customers. I want to congratulate the response from CS Energy’s cyber security team, they clearly detected and responded to a potentially catastrophic situation in a controlled and timely manner, great work! This…
It all adds up!
Read More: It all adds up!I had no idea at all! over 100 notifiable and probable “State Based” significant hacks to October 2021 – either against government orgs or with a value of more than $1 million. Four of those were against Australian government orgs and one against a New Zealand Government org. One of our business partner orgs who…
Advanced Managed Detect Response, AMDR, Articles, Breach, Endpoint Detection Response, Extended Detection ResponseNo business too small to be a target for Cyber crime
Read More: No business too small to be a target for Cyber crimeSmall to Mid enterprise companies in Australia are extremely vulnerable to revenue disruption and most likely financial disaster from cyber breach – Auto parts importer lost $880k 2 months ago as an example, not the typical target for a cyber criminal, or is it? Yesterday in one Risk Intelligence report we ran for a client…
Sinclair Broadcasting Breach
Read More: Sinclair Broadcasting BreachStory: Another ‘murican Fortune 500 company breached and affected by a Ransomware attack. With Broadcasters, retailers (online and store), NBN service providers, BNPL, Transport, Tourism (lol), some utilities etc etc….. there is an immediate cost to your business profits from an outage, customers are not patient and will go elsewhere immediately and buy their product…
