Category: Best practice

CISA and NSA have released best practices documents on how to harden your virtual private network.

The Cybersecurity and Infrastructure Security Agency (CISA) has released a companion Splunk-based dashboard that helps review post-compromise activity in Microsoft Azure Active Directory (AD), Office 365 (O365), and Microsoft 365 (M365) environments.

There is a good reason why we should limit location feature in our smart phones and portable devices. The US National Security Agency published a helpful reminder. However take the following into account; the “document may be useful to a wide range of users, it is intended primarily for NSS/DoD system users”. The full document

Zoom has an actively exploited vulnerability. Zoom is a “remote conferencing services company headquartered in San Jose, California. It provides a remote conferencing service that combines video conferencing, online meetings, chat, and mobile collaboration” The problem starts when you chat with other meeting attendees and in particular when you sent them a link. If the

This is a great news for any security admin indeed.

The US-CERT has pushed out an advisory yesterday to warn customers of a potential cyber attack following the heightened geopolitics. You will need to review the potential attack framework and the accompanying recommendations listed further down the advisory.

A must read article to get your head around this. As the article puts it, this stuff isn't vaporware dreams—it's real, it's here already, and it's changing your life whether you realize it or not.

Ransomware attacks are often seen as just nuisance when you have a good backup. However it is a disaster for many businesses when you have no fallback. Remember a ransomware is a monster with two heads. One, it denies you access your data. Two, what is often not talked about is the fact an intruder

Security is a jigsaw. It has a lot of pieces (network security, email security, endpoint security etc) but to have the perfect fit, you have to align them correctly. You cannot replace a piece with a different piece even if you have more than one piece! If you are missing a piece you will always

Lets look into the basics of schedule scan also known as on-demand scan (this includes right-click scan). In the days when endpoint relied on anti-virus alone, schedule scan played a critical role in complementing the real-time scan also known as on-access scan. The real time scan is the guard on the tower overseeing anything that