We’re halfway through our Essential Eight series, and today we’ll discuss User Application Hardening. The ACSC emphasises that user application hardening is crucial for protecting organisations from various threats, including malicious websites, harmful scripts in advertisements, and exploitation of vulnerabilities in unsupported software. It’s about making it more challenging for cybercriminals to exploit vulnerabilities or […]
We have now reached the third instalment of our comprehensive Essential 8 series, wherein we will discuss the crucial topic of configuring Microsoft Office macro settings. Microsoft Office applications in the public sector commonly utilise macros to automate routine tasks. Macros are popular and efficient tools for repetitive processes. However, it’s important to note that […]
Continuing our Essential 8 Series, we will address its second control, patch applications. Patch applications can be defined as “patch management is the process for identifying, acquiring, installing, and verifying patches for products and systems. Patching applications is the systematic implementation of software updates to ensure functionality and security updates/fixes are applied to applications within […]
The Australian Cyber Security Centre (ACSC) has a guideline called Essential 8, a security framework that businesses should adhere to as a bare minimum. In today’s article, we will address its first control, application control. The ACSC defines Application Control as “A security approach designed to protect against malicious code (also known as malware) executing […]
A world-first exploit has hit cyberspace recently, being a supply chain attack to a supply chain attack (if that makes sense). The attack refers to the recent 3CX incident, discovering that its 3CX DesktopApp 18.12.416 was spreading malware believed to have been orchestrated by a nation-state actor looking to cause severe damage. Threat experts at […]
So you have been in business for a few years now and are starting to hire more people. The business you started with the hopes of eventually growing is starting to bear fruit after all the blood, sweat and tears. Now you can finally delegate some tasks to employees, contractors and vendors. While being able […]
Something that gets asked from us quite a lot is about devices and if they should be provided by the company we are speaking with or the employees of that company in a BYOD (bring your own device) program. Whilst the latter option helps save capital expenditure initially, this can be more costly and burdensome […]
One of the most frequent conversations we have been engaging with business people is passwords, where to store them, how to make them, and some of the associated risks of having poor ones. In this article, we will cover exactly what you can do to be more secure with passwords and what are best practices […]
Business people that we speak with are usually saying one of two things.“We don’t have that much data anyway.”“Hackers don’t care that much about my data.”We, however, always tell them the same answers. A data breach, big or small, can make clients and vendors wary of using your services or terminate such services. Or, in some […]
If you ask businesses what their Incident Response Plan looks like they’ll reply “My IT guy sorts that stuff out”. This misconception is usually due to them having someone handle their IT, so the assumption is that one is in place. Incident Response and Business Continuity, What does it even mean? An Incident Response Plan […]
