Never on a Friday
I like Okta. It can get a bit pricey but it’s not bad. But if you’re going to start making it a habit of doing vulnerability notifications late on Friday evenings? I’m going to take ten mins on a Saturday to call it out. It’s a
Sophos laying it on the table
This is a good thing to bookmark and read. Sophos have released a report covering their five-year research into Chinese groups attempting to hack their devices.
Sophos’ Pacific Rim: Defense Against Nation-state Hackers
Discover Sophos’ Pacific Rim defense against nation-state / Chinese hackers Volt Typhoon, APT31, and APT41 targeting critical infrastructure.
2024 will be a record year?
2024 on track to be a record year for ransomware payments. Brill.
2024 looks set to be another record-breaking year for ransomware — and it’s likely going to get worse | TechCrunch
This year, 2024, looks set to be the most profitable yet for hackers, with four ransom demands paid in the
Some good questions
It’s Cyber Security Awareness Month (The WORST acronym…ever. Marketers are eye-rolling and weeping. If they aren’t, somebody needs to have a quiet word.) Strangely, I’m interested in seeing where the marketing does go on this. ‘It’s [I’m not typing it again] so be aware
TFL with a lot of password resets
It took a while for this to hit a news site. I don’t like posting things if I can’t link to something.
TfL requires in-person password resets for 30,000 employees after hack
Transport for London (TfL) says that all staff (roughly 30,000 employees) must attend in-person
Open source and Cyber Essentials Plus
“What if you wanted to run open source software, but gain or maintain Cyber Essentials Plus?” That was an interesting question. Especially in the context of having potential alternatives to Big Player software. My initial thought was surely it’d be bloody painful and just not worth it? NCSC seem
Wild Navy read
This is a wild read.
How Navy chiefs conspired to get themselves illegal warship Wi-Fi
A scathing Navy investigation reveals how USS Manchester’s enlisted leaders endangered their ship with an unauthorized Starlink Wi-Fi setup. (Navy Times, Diana Correll)
You can have ALL the security infrastructure, access management, policies, logging and monitoring
RIP the cow
Ever had to explain to an SME Management team that they can be targeted by ransomware? Heard the objection that they’re too small to be targeted? Most of the focus is on big companies and multimillion demands after all. They targeted a Swiss farmer for a $10k demand...a
CrowdStrike RCA is out
In incident response, security and GRC I’ve often asked the question “How do we train people without the pain?”. There’s no better teacher than experience. But sometimes that comes with trials and tribulations. The longest time I spent managing an incident was 27hrs straight. The dark hours were
Check the superusers
When someone with any kind of authority or access leaves an organisation, it should trigger a review of accounts. Execs, System Owners and Super Users. You should be doing that at least once a year anyway. But also asap when someone like that leaves. To justify this in the past