Occams razor – When an attack is unknown?
Read More: Occams razor – When an attack is unknown?Occams razor – When an attack is unknown? This is a true story with a recent Managed Service Providers customer: Customer was breached, bank account details changed and a significant amount of money was transferred from the business account. I am not using industry or amounts to keep this anonymous, this tale though illustrates something…
Splunk, assassinated by Cisco – RIP
Read More: Splunk, assassinated by Cisco – RIPCisco to acquire Splunk? good news? not if you are a Splunk customer, not if you are a Cisco customer either….. Splunk was one of those brands that I could not get my head around, a name that seemingly means nothing to Americans but to others on the global stage, almost dirty but not quite.…
Supply Chain risk
Read More: Supply Chain riskThere has been a number of supply chain attacks recently including MoveIT and 3CX, these cyber attacks can be immensely costly and at the lest distressing for the businesses involved. For the software provider though these breaches can and often do have disastrous impact on their business, which could have been avoided by following a…
From Backup to resilient cyber security
Read More: From Backup to resilient cyber securityIn the Beginning From Backup to resilient cyber security: Best practises for Information Technology such as “Least privilege access”, “Admin account segregation”, “Operating system patching”, “Multi-factor authentication”, even “Patching and updating applications” have been around for many years, undertaken as ritual by many Information Technology departments within businesses across Australia as best practise maintainence, without…
CVE-2023-23397: Microsoft outlook vuln
Read More: CVE-2023-23397: Microsoft outlook vulnCVE-2023-23397: Microsoft Outlook Vuln: elevation of privilege vulnerability leads to NTLM credential theft: Very quick and short post today, I have already been contacted today around mitigations for this vulnerability and wanted to get some quick steps out early incase your business is unsure how to check whether you are at risk. My post assumes…
Articles, As Secure As Practical, ASAP, Azure Active Directory, CISA, CISA Scuba, Defender for O365, Do something, SCUBA, Security Assessment, Security posture
Secure Cloud Business Applications – assess your security
Read More: Secure Cloud Business Applications – assess your securitySecure Cloud Business Applications, assess your security – Best of all it is at no cost and provides guidance on best practise security guidelines for business. When reducing the likelihood of a successful cyber attack we need to break down the approach into various elements, a security assessment such as the CISA SCUBA tool is…
Australian cyber security centre, Articles, ASD, ASD 8, ASD essential 8, JGES, Just good enough securityMichael Brooke presents the ASD essential 8 on Safari
Read More: Michael Brooke presents the ASD essential 8 on SafariMichael Brooke presents the ASD essential 8 on Safari; recently I had the opportunity to work with TechforGood, an organisation making a difference with Social organisations across Australia. I have two passions other than fishing and family (so four passions in total), these are: Cyber security, the field of cyber security is an industry where…
- ACSC, ACSC essential 8, Azure Application Proxy, Microsoft Azure Active Directory, Single Sign On, SSO, Zero Trust Network Architecture
“Okta parses passwords in clear text”, What does that mean to me?
Read More: “Okta parses passwords in clear text”, What does that mean to me?“Okta parses passwords in clear text”, What does that mean to me? This is really NOT an Okta problem but an industry problem – my industry, cloud SSO authentication should always and only be against known “good” Authenticators such as Microsoft, Google, Apple and others for all cloud based SSO. Passwords should never be out…
Carrots, sticks and Donkeys do improve cyber security, part 1
Read More: Carrots, sticks and Donkeys do improve cyber security, part 1Carrots, sticks and donkeys do improve cyber security, part 1. More specifically how to Use the ACSC recommendations to achieve cyber resilience augmented with what organisations are already doing well today. As most organisations in Australia already understand, the Australian Signals directorate Essential Eight is a list of 8, easy (definitely easy) steps to implement…
#1, Down and Dusty with Microsoft sentinel
Read More: #1, Down and Dusty with Microsoft sentinel#1, down and Dusty with Microsoft Sentinel. Sentinel is one of Microsofts Crown Jewels hidden so well in plain sight that many Managed Service Providers and cyber security teams do not even know it can help them significantly with investigating Indicators of Compromise or investigating a cyber attack to find the source and the target.…
