We’re halfway through our Essential Eight series, and today we’ll discuss User Application Hardening. The ACSC emphasises that user application hardening is crucial for protecting organisations from various threats, including malicious websites, harmful scripts in advertisements, and exploitation of vulnerabilities in unsupported software. It’s about making it more challenging for cybercriminals to exploit vulnerabilities or […]
We have now reached the third instalment of our comprehensive Essential 8 series, wherein we will discuss the crucial topic of configuring Microsoft Office macro settings. Microsoft Office applications in the public sector commonly utilise macros to automate routine tasks. Macros are popular and efficient tools for repetitive processes. However, it’s important to note that […]
Continuing our Essential 8 Series, we will address its second control, patch applications. Patch applications can be defined as “patch management is the process for identifying, acquiring, installing, and verifying patches for products and systems. Patching applications is the systematic implementation of software updates to ensure functionality and security updates/fixes are applied to applications within […]
The Australian Cyber Security Centre (ACSC) has a guideline called Essential 8, a security framework that businesses should adhere to as a bare minimum. In today’s article, we will address its first control, application control. The ACSC defines Application Control as “A security approach designed to protect against malicious code (also known as malware) executing […]
A world-first exploit has hit cyberspace recently, being a supply chain attack to a supply chain attack (if that makes sense). The attack refers to the recent 3CX incident, discovering that its 3CX DesktopApp 18.12.416 was spreading malware believed to have been orchestrated by a nation-state actor looking to cause severe damage. Threat experts at […]
So you have been in business for a few years now and are starting to hire more people. The business you started with the hopes of eventually growing is starting to bear fruit after all the blood, sweat and tears. Now you can finally delegate some tasks to employees, contractors and vendors. While being able […]
Something that gets asked from us quite a lot is about devices and if they should be provided by the company we are speaking with or the employees of that company in a BYOD (bring your own device) program. Whilst the latter option helps save capital expenditure initially, this can be more costly and burdensome […]
One of the most frequent conversations we have been engaging with business people is passwords, where to store them, how to make them, and some of the associated risks of having poor ones. In this article, we will cover exactly what you can do to be more secure with passwords and what are best practices […]
“It won’t happen to me”. “I’m too small”.“I don’t even have that much information”. These are all common phrases that we hear daily. People not taking security seriously is a big issue in Australia. The “she’ll be right” mentality is something that we, unfortunately, can’t adopt when it comes to a company’s cyber posture. Gone […]
As IT and Security personnel, we’re always ear-bashing about best practices, better practices, or best practical. We have narrowed down the Top 3 Bad Security Practices outlined by the Cybersecurity & Infrastructure Security Agency from the States. While CISA is based overseas, a lot of the security information still applies to local Small-Medium Businesses. Even […]
