Kicksec Blog: News, Opinions and more (or less)
All opinions on this blog site are that of the writer alone and should not be taken as advice without reviewing other sources of information regarding the topic of cyber resilience in industry.
Safeworlds TV Scam is finally being uncovered
Safeworlds TV Scam is finally being uncovered, several years ago I was introduced to an opportunity that seemed “too good to be true”, a chance to ‘invest’ (invest is a term I will come back too) in the next big thing, bigger than Google and Youtube, bigger than eBay (in 2013), larger than Amazon and…
The fallout, Indonesian Ransomware incident 2024
The fallout, Indonesian Ransomware incident 2024, depending on how you look at this it is a bit of a disaster, because rather than simply resolve the problem – it is very likely that the Indonesian Government will want to decentralise their data to avoid any ransomware incident in the future affecting such a large swath…
AI the biggest hype bubble for 2024
AI the biggest hype bubble for 2024 If you are not already aware of the fact that AI is going to take your job and then subsequently take over the world, then you are living under a rock. Before that time (the end of the world) though there are a plethora of opportunities for you…
ASD8 – Implementing Australian Signals Directorate Essential Eight with Microsoft
ASD8 – Implementing Australian Signals Directorate Essential Eight with Microsoft. Introducing ASD8 and Microsoft The Australian signals Directorate has been a frontrunner in creating, guiding and improving the cyber security posture of Australian Government and non government entities, through the Essential 8 cyber security controls which I have previously covered here and here are critical…
A man, a Goat, and a Boat meets generative AI
A man, a Goat, and a Boat meets generative AI Ask a Large Language model the question, “A man is walking with a goat and they come to a river with a small boat on their side. How can they get across the river?” The answer that is generated is not the sensible answer, being…
Ticketmaster – When a third party supplier breach is not what it appears
Ticketmaster – When a third party supplier breach is not what it appears. As many of us learnt whilst growing up, most of the time obfuscating facts to portrait yourself in a brighter light actually creates a bigger problem. Now as an adult I am not going to have my parents tell me off but…
Kicksec’s Data has been breached – again
Glossed over the email from Firstmac on Friday, reporting that my data has been gathered in a “limited” cyber security breach of their systems, limited now days includes sensitive citizen data clearly.
Microsoft Copilot for Security Ninja Now operating and at your service!
Microsoft Copilot for Security Ninja Now operating and at your service I recently completed my Microsoft Copilot for Security Ninja training, now I’m ready for those Security copilot conversations with Partners and customers….. of course this is not true! I am but a mere amateur. I do have the ‘certificate’ but I am no expert…
LogRythm, Exabeam, Splunk, Qradar, Palo Alto …. arrr
LogRythm, Exabeam, Splunk, Qradar, Palo Alto …. large cyber security acquisitions are happening to the left, to the right and straight ahead too, what is going on and why is this occurring? For those 15 of you who have not read the news yet, here it is: LogRythm and Exambeam join forces, Splunk is acquired…
NSW Clubs – Impacted by Breach of customer data
NSW Clubs – Impacted by Breach of customer data Another Australian business affected through a 3rd party cyber incident, though in the linked article (at the footer of this post) great pains are taken to explain that it is not their own systems but rather a 3rd party, yet who owns the data that has…
Microsoft Office Macro security – Are you covered?
Microsoft Office Macro security – are you covered? Microsoft Office macros are an amazing way to automate and script many parts of a business process, sometimes directly on an Office document, Spreadsheet or PowerPoint but also for interacting with third party data, the operating system and more, which is also why the recommendation today in…
AI devices currently, nothing but “hot Air”
AI devices currently, nothing but “hot Air”, problems with what is possible with our voice, conflicts with the ideas of start up founders to make money. Mr Who’s The Boss, a YouTube influencer and content creator summarised this with another AI device vying for our wallets here very succinctly. If you plan to buy this…
Consulting Integrity
Consulting with Integrity is critically important in my industry of Cyber Security, there are many consultants preaching to be what they are not, “knowledgeable” people. The Cyber security industry is fully of vendors and sellers trying to position security tooling as a solution to a cyber risk problem. I want to share a recent story…
A picture is not always worth a thousand words
A picture is not always worth a thousand words, cyber security vendors please take note Question: When is a picture NOT worth a thousand words? Answer: When it has no context Just like my photo, it has no context and therefore would by of little interest to anyone who wasn’t on the same trail with me…
From Backup to resilient cyber security
In the Beginning From Backup to resilient cyber security: Best practises for Information Technology such as “Least privilege access”, “Admin account segregation”, “Operating system patching”, “Multi-factor authentication”, even “Patching and updating applications” have been around for many years, undertaken as ritual by many Information Technology departments within businesses across Australia as best practise maintainence, without…
Four actions for protection with Microsoft Defender for Endpoint
Four actions for protection with Defender for Endpoint: Originally written by myself for Crayon and sharing here to help other organisations move past Endpoint Detection and response into preventative technologies to improve your security posture. Introduction Often I am asked the question, “Why should I use Defender for Endpoint, I use product ‘X’ and Product…
CVE-2023-23397: Microsoft outlook vuln
CVE-2023-23397: Microsoft Outlook Vuln: elevation of privilege vulnerability leads to NTLM credential theft: Very quick and short post today, I have already been contacted today around mitigations for this vulnerability and wanted to get some quick steps out early incase your business is unsure how to check whether you are at risk. My post assumes…
101: Basic Security Posture for WordPress
101: Basic Security Posture for WordPress, WordPress is one of the most popular internet technologies in use today, as a tool for amateur and professionals wanting to blog, to sell, to consult or to do almost anything else, nothing comes close to the WordPress ecosystem for flexibility and extensibility – want to build a store…
101: Introducing Microsoft Defender for Endpoint
101: Introducing Microsoft Defender for Endpoint, one of my favourite role functions is to talk with customers about Microsoft security, of course I like to speak about security in general as well but Microsoft do a really great job covering 80% of what organisations need from a cyber security perspective so I almost always start…
Microsoft Sentinel – reducing spend and log complexity first
Microsoft Sentinel – reducing spend and log complexity first, Microsoft sentinel is one of the easiest SIEM platforms to switch on and be usable without configuration. But the devil is in the details of what should be configured to ensure that the signal data being ingested is most useful, minimally duplicated and at the lowest…
