We’re halfway through our Essential Eight series, and today we’ll discuss User Application Hardening. The ACSC emphasises that user application hardening is crucial for protecting organisations from various threats, including malicious websites, harmful scripts in advertisements, and exploitation of vulnerabilities in unsupported software. It’s about making it more challenging for cybercriminals to exploit vulnerabilities or […]
Continuing our Essential 8 Series, we will address its second control, patch applications. Patch applications can be defined as “patch management is the process for identifying, acquiring, installing, and verifying patches for products and systems. Patching applications is the systematic implementation of software updates to ensure functionality and security updates/fixes are applied to applications within […]
The Australian Cyber Security Centre (ACSC) has a guideline called Essential 8, a security framework that businesses should adhere to as a bare minimum. In today’s article, we will address its first control, application control. The ACSC defines Application Control as “A security approach designed to protect against malicious code (also known as malware) executing […]
A world-first exploit has hit cyberspace recently, being a supply chain attack to a supply chain attack (if that makes sense). The attack refers to the recent 3CX incident, discovering that its 3CX DesktopApp 18.12.416 was spreading malware believed to have been orchestrated by a nation-state actor looking to cause severe damage. Threat experts at […]
One of the most frequent conversations we have been engaging with business people is passwords, where to store them, how to make them, and some of the associated risks of having poor ones. In this article, we will cover exactly what you can do to be more secure with passwords and what are best practices […]
As IT and Security personnel, we’re always ear-bashing about best practices, better practices, or best practical. We have narrowed down the Top 3 Bad Security Practices outlined by the Cybersecurity & Infrastructure Security Agency from the States. While CISA is based overseas, a lot of the security information still applies to local Small-Medium Businesses. Even […]
