NSW Clubs – Impacted by Breach of customer data
Read More: NSW Clubs – Impacted by Breach of customer dataNSW Clubs – Impacted by Breach of customer data Another Australian business affected through a 3rd party cyber incident, though in the linked article (at the footer of this post) great pains are taken to explain that it is not their own systems but rather a 3rd party, yet who owns the data that has…
Microsoft Office Macro security – Are you covered?
Read More: Microsoft Office Macro security – Are you covered?Microsoft Office Macro security – are you covered? Microsoft Office macros are an amazing way to automate and script many parts of a business process, sometimes directly on an Office document, Spreadsheet or PowerPoint but also for interacting with third party data, the operating system and more, which is also why the recommendation today in…
AI devices currently, nothing but “hot Air”
Read More: AI devices currently, nothing but “hot Air”AI devices currently, nothing but “hot Air”, problems with what is possible with our voice, conflicts with the ideas of start up founders to make money. Mr Who’s The Boss, a YouTube influencer and content creator summarised this with another AI device vying for our wallets here very succinctly. If you plan to buy this…
SCUBA now scans Google
Read More: SCUBA now scans GoogleSCUBA is not Scuba, one is a pursuit I would like to try one day and the other is something to deetect misconfigurations and some security vulnerabilities in a cloud environment (the one in all CAPS). CISA SCUBA is maintained and is free, it works for Microsoft 365 environments and now they have updated for…
Data Cleansing and Large Language Models
Read More: Data Cleansing and Large Language ModelsData Cleansing and Large Language Models, what is great about large language models for enterprise is also what is potentially most problematic. Training an LLM using your data will bring amazing upsides to productivity, for example, maybe I have a customer who requires my assistance to build out a programme of work for a project.…
Consulting Integrity
Read More: Consulting IntegrityConsulting with Integrity is critically important in my industry of Cyber Security, there are many consultants preaching to be what they are not, “knowledgeable” people. The Cyber security industry is fully of vendors and sellers trying to position security tooling as a solution to a cyber risk problem. I want to share a recent story…
Targeted Business Email Compromise through weaponising your own tenant!
Read More: Targeted Business Email Compromise through weaponising your own tenant!Targeted Business Email Compromise through weaponising your own tenant!, As we in the ‘Industry’ are well aware, 90% of Cyber security incidents start with email, its simple, we all use it and an email attack targets the weakest link in our security posture, me and you. During the past month an old/new cyber criminal attack…
Occams razor – When an attack is unknown?
Read More: Occams razor – When an attack is unknown?Occams razor – When an attack is unknown? This is a true story with a recent Managed Service Providers customer: Customer was breached, bank account details changed and a significant amount of money was transferred from the business account. I am not using industry or amounts to keep this anonymous, this tale though illustrates something…
Splunk, assassinated by Cisco – RIP
Read More: Splunk, assassinated by Cisco – RIPCisco to acquire Splunk? good news? not if you are a Splunk customer, not if you are a Cisco customer either….. Splunk was one of those brands that I could not get my head around, a name that seemingly means nothing to Americans but to others on the global stage, almost dirty but not quite.…
A picture is not always worth a thousand words
Read More: A picture is not always worth a thousand wordsA picture is not always worth a thousand words, cyber security vendors please take note Question: When is a picture NOT worth a thousand words? Answer: When it has no context Just like my photo, it has no context and therefore would by of little interest to anyone who wasn’t on the same trail with me…
Are you an MSP and want to ask a question about ‘how to’ with Microsoft Security? QR code for my WhatsApp group.
About me
I am passionate about Australian organisations improving their cyber security posture, where possible I want to help improve by sharing the questions that I am asked along with some answers, there are many cyber security experts who have a vast amount of knowledge to share, if I can help to aggregate some of this then it is achieving my objective to improve the security posture for all businesses.
I am a current member of AISA Australia (Melbourne), and though I am not a cyber security expert I am a Microsoft Cyber security Expert by certification. I am an enthusiast and continue to learn every day from every conversation I have.
.
Recent Posts
- Microsoft Defender for Endpoint Intro video
- Kasaya CEO says MSP’s will benefit by Vendor Consolidation?
- When to Microsoft Sentinel and when to just XDR!
- Microsoft Sentinel Log ingestion from Business Premium
- Total Tools Totally messed up – Credit card details stolen for 30k customers
Tags
#acsc (2) #asd8 (2) #kicksecio (16) 101 (3) ACSC (2) AI (3) Alan Metcalfe (6) Artificial Intelligence (4) ASD 8 (2) Breach (15) Cyber Security (38) Data leakage (6) Data Protection (5) Endpoint Detection response (3) Extended Detection Response (3) GenAI (2) Generative AI (3) Kicksecio (3) Managed Detection Response (6) Managed Service Provider (6) Microsoft (20) Microsoft Defender for cloud (2) Microsoft Defender for endpoints (11) microsoft licensing (2) okta (2) Safeworlds (9) Safe worlds Safeworlds Safe worlds IPTV Alan Metcalfe (7) Sentinel (4) SIEM (5)
Recent Comments
Archive
- November 2024
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- December 2023
- September 2023
- August 2023
- July 2023
- March 2023
- January 2023
- December 2022
- November 2022
- October 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2020
- April 2018
- September 2016
- May 2016
- October 2014
- September 2014
- August 2014
- July 2014
- May 2014
- February 2014
- January 2014
- July 2011
- July 2010
- May 2010
- March 2010
- July 2009
- June 2009
- March 2009
Categories
- ACSC
- ACSC essential 8
- Active Directory
- Active Roles Server
- Advanced Managed Detect Response
- AI
- Airlock Digital
- Alan Metcalfe
- AMDR
- Apple
- Application Control
- Architect
- Articles
- Artificial Intelligence
- As Secure As Practical
- ASAP
- ASD
- ASD 8
- ASD essential 8
- Attack surface reduction
- Australian cyber security centre
- Azure Active Directory
- Azure Application Proxy
- Backup
- Bing
- Bitlocker
- Blog
- Bombs
- Breach
- Business Email Compromise
- CASB
- ChatGPT
- CIS 18
- CISA
- CISA Scuba
- Citrix
- Client Access Security Broker
- Cloud
- CoPilot for Security
- Crowdstrike
- Cyber risk
- Cyber Security Framework
- Data Breach
- Data Loss Prevention
- Data Protection
- Defender for O365
- Dell
- Device
- DLP
- DMARC
- Do something
- Email Archiving
- Endpoint Detection Response
- EndPoint Protection
- Entra identity
- EPP
- Exam prep
- Extended detection and response
- Extended Detection Response
- Facebook scams
- Fake news
- FIM 2010
- Funny
- GDAP
- Gen AI
- Global Warming
- Hiring
- HP
- Identity Access Management
- Incident response
- Industry
- Information Protection
- iPad
- IT secrets
- IT senior
- JGES
- Journalistic flare
- Just good enough security
- Kin
- Large Language Model
- Large Language Models
- Least privilege
- M365
- Mac
- mac mini
- Machine Learning
- Macro
- Malware
- Managed Detection Response
- MDR
- MFA
- Microsoft
- Microsoft Autopatch
- Microsoft Azure Active Directory
- Microsoft certification
- Microsoft Defender
- Microsoft Defender Application Guard
- Microsoft Defender for Cloud
- Microsoft Defender for Endpoint
- Microsoft Defender for Endpoint Server
- Microsoft Defender for Identity
- Microsoft Defender Vulnerability Management
- Microsoft Endpoint Manager
- Microsoft Intune
- Microsoft licensing
- Microsoft purview
- Microsoft Sentinel
- Migration
- Mimosa
- Mitre Att&ck
- ML
- money
- MSP
- Multi factor Authentication
- multifactor authentication
- MVCS
- NAS
- NASA
- Network detection and response
- NIST CSF
- O365
- Office 365
- Office Macro
- Open source
- Operating System Hardening
- Opinion
- OSX
- PAM
- people
- Phishing
- Pig Butchering
- Planning
- poor performance
- Privileged Access Management
- Process
- Protection
- Purview Information Protection
- Quest
- Quest Software
- Ransomeware
- Ransomware
- Recession
- Recovery
- repair Disk
- Safe Worlds' IPTV
- Safeworlds
- Safeworlds IPTV
- Safeworlds itv Alan Metcalfe
- safeworlds tv
- SAN
- Sandbox
- SASE
- Scam
- Scams
- SCUBA
- Search
- Secure Access Service Edge
- Security
- Security Assessment
- Security information event management
- Security posture
- SIEM
- Single Label Active Directory
- Single Sign On
- slow
- Social Media
- Software Industry
- Solutions Architect
- SSO
- Storage
- Supplier Breach
- Tablets
- Terminal services
- Tethering
- Thin Provisioning
- Threat and vulnerability management
- Threat Hunting
- universal logic
- VMware
- vWorkspace
- Wifi
- Windows 10
- Windows Autopilot
- Windows Sandbox
- WTH
- Xbox
- XDR
- Zero day
- Zero Trust Network Architecture
- ZTNA