Security

Case Study – Successful Phishing Attack

2020-09-01T20:01:55+00:00

Background We have a client who we provide a base level service to.  We are responsible for ensuring their desktops are operational and their employees have the capability to log in to their emails, with all other services being provided by another agency. What Happened Recently, we received a call from one of their employees stating that their emails had stopped working.  After some initial investigation it was discovered that Microsoft had blocked their account due to the fact that it had hit the threshold for emails being auto-forwarded. This piqued the interest of our security analyst who investigated further and discovered that emails were being forwarded from the O365 account to a gmail account since 15 July. After discussing with the client, this email address was not known to them.  Our analyst then disabled the rule within their email account and examined their emails for anything suspicious that may have arrived around the date the rule was first created. This is when our analyst discovered this little gem: As you can see, the email preys on the complacency of users by telling them they can bypass password change requirements by clicking on the link and logging in.  This [...]

Case Study – Successful Phishing Attack2020-09-01T20:01:55+00:00

Re-Think Password Security

2020-08-16T22:49:48+00:00

Weak and stolen passwords are the number one reason for data breaches globally. This has introduced specific password alternatives like biometrics, Single Sign-On Sessions (SSO), pin codes, Magic links, and physical keys to the forefront of the digital world. However, as great as these alternatives are and as breach-prone, the traditional passwords may be, passwords still dominate the world of cybersecurity.Since password management is evolving rapidly, new ways of keeping passwords secure are being introduced. Let us explore a few tips that can help safeguard passwords and make you re-think about password security.Create Strong Passwords with Long PassphrasesThe  Australian Cyber Security Centre (ACSC)  recommends coming up with long passphrases that are easy to remember but difficult to guess. Strong passwords are at least fourteen characters in length and represent a combination of both uppercase and lowercase letters along with symbols. It is also worth noting that the passwords should not be so complicated that they force the users to write them down everywhere. The best practice is to create a passphrase as if it is representing a story or use a PAO (Person-Action-Object) terminology. As an example, you can take the first letters of each word from the sentence “a crazy white fox is jumping over a [...]

Re-Think Password Security2020-08-16T22:49:48+00:00

What Is Application Whitelisting?

2020-08-07T20:07:00+00:00

Enterprise security and resource management are of utmost importance for any organisation these days. Application whitelisting is a proactive threat mitigation technique that allows pre-authorised programs or software to run while all the others are blocked by default. Benefits of Application Whitelisting Along with security controls, application whitelisting also provides the added benefit of providing resource management within a network. Since only whitelisted applications can run, system crashes and lags are considerably reduced even if the demand for network resources scales up. This technology was originally developed to prevent the usage of unauthorised or unlicensed software. However, with the advent of cyber threats, unauthorised downloads, malware, adware, and malicious email attachments, this technology has demonstrated its efficacy in the prevention of security attacks and unauthorised file executions as well. Last but not the least, it also keeps an inventory of applications and versions installed on your network. How Application Whitelisting Works In stark contrast with traditional blacklisting used by most antiviruses where certain applications are fully blocked, application whitelisting places control over which programs can run on a given machine or network in the hands of the administrators. Any program that wishes to run is then matched against a [...]

What Is Application Whitelisting?2020-08-07T20:07:00+00:00

Remote Working Has Become The New Norm

2020-07-26T02:54:42+00:00

As COVID-19 (coronavirus) continuous to disrupt our lifestyles and hurt economies worldwide, it has also made organisations vulnerable to cybersecurity risks as employees continue to work remotely.  Almost 7 months have passed and Covid-19 has turned into a global pandemic posing a major health crisis to countries across the globe. Organisations have had to take measures to ensure the well-being of their staff and keep their services running for customers at the same time. Due to this, having employees work-from-home has become the new norm. This pandemic has in many ways opened doors of new opportunities and possibilities for the corporate world. While the health crisis is a concern, there are a host of benefits that both employees and employers can experience that comes along with remote-working.  The benefits employees enjoy while working-remotely can include: Comfortable working environment.  More time with family. Cost savings on travel  Casual dress-code  Limited supervision and so on.  While on the other hand, the benefits companies enjoy while their employee work-from-home includes:  Low-operational costs.  Costs savings on electricity bills. Low hardware operational-costs.  Increased productivity, studies have found employees that work-remotely is 35%-40% more active and productive than employees who work in the office. In light of [...]

Remote Working Has Become The New Norm2020-07-26T02:54:42+00:00
Go to Top