101: Basic Security Posture for WordPress
Read More: 101: Basic Security Posture for WordPress101: Basic Security Posture for WordPress, WordPress is one of the most popular internet technologies in use today, as a tool for amateur and professionals wanting to blog, to sell, to consult or to do almost anything else, nothing comes close to the WordPress ecosystem for flexibility and extensibility – want to build a store…
MSP’s Enable GDAP or lose access to your O365 customers
Read More: MSP’s Enable GDAP or lose access to your O365 customersMSP’s Enable GDAP or lose access to your O365 customers, Microsoft has released a new more secure method for Managed Service Providers to perform administrative tasks against their clients called Granular Delegated Admin Privileges or GDAP for short. Introduction GDAP provides a much better Least Privilege Access model as is a core component of many…
Australian cyber security centre, Articles, ASD, ASD 8, ASD essential 8, JGES, Just good enough security
Michael Brooke presents the ASD essential 8 on Safari
Read More: Michael Brooke presents the ASD essential 8 on SafariMichael Brooke presents the ASD essential 8 on Safari; recently I had the opportunity to work with TechforGood, an organisation making a difference with Social organisations across Australia. I have two passions other than fishing and family (so four passions in total), these are: Cyber security, the field of cyber security is an industry where…
- ACSC, ACSC essential 8, Azure Application Proxy, Microsoft Azure Active Directory, Single Sign On, SSO, Zero Trust Network Architecture
“Okta parses passwords in clear text”, What does that mean to me?
Read More: “Okta parses passwords in clear text”, What does that mean to me?“Okta parses passwords in clear text”, What does that mean to me? This is really NOT an Okta problem but an industry problem – my industry, cloud SSO authentication should always and only be against known “good” Authenticators such as Microsoft, Google, Apple and others for all cloud based SSO. Passwords should never be out…
Articles, Airlock Digital, Application Control, Breach, Cyber Security Framework, Endpoint Detection Response, EPP, Microsoft, Microsoft Defender, Microsoft Defender for Endpoint, Zero Trust Network Architecture, ZTNAFollina 0 day – Office lets the bad guy waltz right in, WRTF!
Read More: Follina 0 day – Office lets the bad guy waltz right in, WRTF!Follina 0 day – Microsoft Office Macro protection eaten for breakfast!, those of you who know me, know that I embrace Microsoft Defender as a security tool that is top notch, not just my view but the view of the analysts that report on cyber security as well, here for example with the Mitre Evaluations…
Articles, ACSC, ACSC essential 8, ASD, ASD 8, ASD essential 8, Australian cyber security centre, Microsoft Defender for EndpointMicrosoft Defender for Endpoint training resources
Read More: Microsoft Defender for Endpoint training resourcesMicrosoft Defender for Endpoint training resources: The goal of this page is to put together a level 101/201 resource for consultants and end customers to utilise to find out more about Defender for Endpoints, I will update the details as they change but this is current as of May 2022. Microsoft Defender for Endpoint training…
Trend XDR – Microsoft sentinel Integration
Read More: Trend XDR – Microsoft sentinel IntegrationUsing Trend XDR – Microsoft sentinel Integration is an excellent way to connect to additional sources of telemetry data and add this to your corporate instance of Microsoft Sentinel for SIEM and SOAR capabilities. I discovered this article this morning in my feed and thought it would be great to share as it is a…
Easy Fail – Australian critical infrastructure
Read More: Easy Fail – Australian critical infrastructureThe Easy Fail in critical infrastructure should have all of us worried right now, whether it is the water being turned off, the traffic lighting systems that we all rely on to get around the cities we live in or much worse, the Electricity that we used to power our homes and provide us warmth…
Advanced Managed Detect Response, AMDR, Articles, Breach, Endpoint Detection Response, Extended Detection ResponseNo business too small to be a target for Cyber crime
Read More: No business too small to be a target for Cyber crimeSmall to Mid enterprise companies in Australia are extremely vulnerable to revenue disruption and most likely financial disaster from cyber breach – Auto parts importer lost $880k 2 months ago as an example, not the typical target for a cyber criminal, or is it? Yesterday in one Risk Intelligence report we ran for a client…
The problem is NOT Cyber security!
Read More: The problem is NOT Cyber security!The “Compliance with the NSW Cyber Security Policy” special report released on the 28th October 2021 should be a serious concern to every NSW resident who has their Personally Identifiable Information being “securely” held by a government agency. Vic, NSW, QLD, SA, NT and TAS could very likely be transposed with NSW and these findings…
