The fallout, Indonesian Ransomware incident 2024
Read More: The fallout, Indonesian Ransomware incident 2024The fallout, Indonesian Ransomware incident 2024, depending on how you look at this it is a bit of a disaster, because rather than simply resolve the problem – it is very likely that the Indonesian Government will want to decentralise their data to avoid any ransomware incident in the future affecting such a large swath…
TeamViewer has No place in a modern business – second breach in a year
Read More: TeamViewer has No place in a modern business – second breach in a yearTeamViewer has No place in a modern business – second breach in a year
No Company needs MOVEit, Tell me otherwise?!
Read More: No Company needs MOVEit, Tell me otherwise?!No Company needs MOVEit, Tell me otherwise?! MOVEit is in the cross hairs again, a second critical vulnerability – meaning it is trivial to compromise. Vulnerabilities in software don’t seem to be managed well by some, this second critical vulnerability should have been discovered and mitigated when doing the requisite post incident activities from MOVEits…
Kicksec’s Data has been breached – again
Read More: Kicksec’s Data has been breached – againGlossed over the email from Firstmac on Friday, reporting that my data has been gathered in a “limited” cyber security breach of their systems, limited now days includes sensitive citizen data clearly.
Microsoft Defender for Endpoint, Microsoft Defender, Microsoft Defender for Endpoint Server, Microsoft licensing
User vs Device Licensing, Microsoft Defender for Endpoint unmasked
Read More: User vs Device Licensing, Microsoft Defender for Endpoint unmaskedUser vs Kiosk Licensing, Microsoft Defender for Endpoint unmasked, the full story. Once upon a time… Once upon a time far back in technology history (2021 and prior I believe) Microsoft Defender for Endpoint Plan 1 or Plan 2 could be purchased per device or per user, this method of procurement made sense, and still…
NSW Clubs – Impacted by Breach of customer data
Read More: NSW Clubs – Impacted by Breach of customer dataNSW Clubs – Impacted by Breach of customer data Another Australian business affected through a 3rd party cyber incident, though in the linked article (at the footer of this post) great pains are taken to explain that it is not their own systems but rather a 3rd party, yet who owns the data that has…
101: Basic Security Posture for WordPress
Read More: 101: Basic Security Posture for WordPress101: Basic Security Posture for WordPress, WordPress is one of the most popular internet technologies in use today, as a tool for amateur and professionals wanting to blog, to sell, to consult or to do almost anything else, nothing comes close to the WordPress ecosystem for flexibility and extensibility – want to build a store…
MSP’s Enable GDAP or lose access to your O365 customers
Read More: MSP’s Enable GDAP or lose access to your O365 customersMSP’s Enable GDAP or lose access to your O365 customers, Microsoft has released a new more secure method for Managed Service Providers to perform administrative tasks against their clients called Granular Delegated Admin Privileges or GDAP for short. Introduction GDAP provides a much better Least Privilege Access model as is a core component of many…
Australian cyber security centre, Articles, ASD, ASD 8, ASD essential 8, JGES, Just good enough securityMichael Brooke presents the ASD essential 8 on Safari
Read More: Michael Brooke presents the ASD essential 8 on SafariMichael Brooke presents the ASD essential 8 on Safari; recently I had the opportunity to work with TechforGood, an organisation making a difference with Social organisations across Australia. I have two passions other than fishing and family (so four passions in total), these are: Cyber security, the field of cyber security is an industry where…
- ACSC, ACSC essential 8, Azure Application Proxy, Microsoft Azure Active Directory, Single Sign On, SSO, Zero Trust Network Architecture
“Okta parses passwords in clear text”, What does that mean to me?
Read More: “Okta parses passwords in clear text”, What does that mean to me?“Okta parses passwords in clear text”, What does that mean to me? This is really NOT an Okta problem but an industry problem – my industry, cloud SSO authentication should always and only be against known “good” Authenticators such as Microsoft, Google, Apple and others for all cloud based SSO. Passwords should never be out…
