LINK This is a good document. Not all may apply to you but most will. Alot of the data here provides a good list of items that can help pressure business owners and other service owners to make appropriate changes to avoid catastrophic infections by ransomware.
The design of the Home Network in my opinion has changed in the last 10 years because of the rise of all the IoT devices as well as phones. As a part of documenting this, I was taking a look at what I have implemented at home and see what I can change as well. […]
LINK to a NSA PDF doc I suggest everyone who is not read up on this, read this document. The Zero Trust Security Model as written is a set of principles that should be applied to access/assets/services/processes/etc. A good document to live by.
LINK The MDBR service, powered by systems maintained by CIS and Akamai, automatically blocks domains associated with cyber threats including ransomware, malware, and phishing after the organizations switch their DNS provider to Akamai’s DNS server.
Not meant to be a political post at all, just something to learn and understand for business. This is just a perfect example of the point for this article. Parler was kicked off Amazon Web Services. So their entire infrastructure was essentially turned off because it violated AWS’s terms of services. So my advice to […]
I found a link that has some great information on Apache / Weblogic Best Practices from the firm OpenLogic LINK
So Adobe Flash is officially dead now (or will be in a few days…I just know its not getting any more updates). The question is, how to ENSURE its gone. We both know, people will keep using it if its still there. Besides using automated tools to rip it off desktops, how can we be […]
The Cybersecurity and Infrastructure Security Agency (CISA) has released a PowerShell-based tool that helps detect potentially compromised applications and accounts in Azure/Microsoft 365 environments. This is in relation to: Solorigate AzureAd IOCs and a link earlier about SolarWinds and SAML The tool is called Sparrow and CISA posted it up on GitHub
Someone asked me this question and my answer was this…and yes, its full of qualifiers. Think of these Qualifiers as Risks and Document this entire thing appropriately. Yes and No Yes, you can absolutely use it, but it is NOT recommended at all. Sure I could use it if it was never connected to a […]