Increased risk of phishing scams following CrowdStrike outage

The Australian Signals Directorate has issued a warning about an increased risk of phishing scams following yesterday's CrowdStrike outage. According to the alert, ASD’s ACSC has identified numerous malicious websites and unofficial code claiming to assist entities in recovering from the widespread outages caused by the CrowdStrike technical incident. ASD’s ACSC strongly advises all consumers to obtain their technical information and updates directly from official CrowdStrike sources only. [Learn more here]https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/widespread-outages-relating-crowdstrike-software-update?fbclid=IwZXh0bgNhZW0CMTEAAR1veIrKLYJrloZIx7AvqS6Nlqv3UfvENiPg6lVbHUhffjbS_7HBzNQEGdI_aem_TUaGcC36MEN9SJxw0OUTnQ It...

Read More

Crowdstrike Global IT outage affecting computers around the world

A current worldwide #CrowdStrike issue causing #BSOD. Seen reports from  AU, NZ ,Japan, India. And Europe. The global computer outage affecting airports, banks and other businesses.CrowdStrike’s cybersecurity software — used by numerous Fortune 500 companies, including major global banks, healthcare and energy companies — detects and blocks hacking threats. Like other cybersecurity products, the software requires deep-level access to a computer’s operating system to scan for those threats. In this case, computers running Microsoft Windows appear to be crashing because of the faulty way a software code update issued by CrowdStrike is...

Read More

Free cyber security course. Delve into essential cybersecurity NIST Risk management frameworks

 🌟 Exciting Announcement Alert! Last week, NIST took a significant step in advancing cybersecurity education by releasing four introductory courses covering their flagship publications for FREE! 🆓📘 Delve into essential cybersecurity frameworks with courses on:- NIST SP 800-37, Risk Management Framework (RMF) - NIST SP 800-53, Security and Privacy Controls for Information Systems and Organizations- NIST SP 800-53A, Assessing Security and Privacy Controls in Information Systems and Organizations- NIST SP 800-53B, Control Baselines for Information Systems and Organizations🔍 These meticulously curated courses offer unparalleled...

Read More

Securing Your Future: The Bright Outlook for Careers in Cybersecurity

The Bright Future of Careers in Cybersecurity. Explore the thriving job market, competitive salaries, and abundant growth opportunities in cybersecurity careers. Discover why a career in cybersecurity offers both financial rewards and the satisfaction of protecting our digital worldThe landscape of cybersecurity careers is experiencing a significant uptrend, fueled by several driving forces:Rising Cyber Threats:The frequency, complexity, and cost of cyberattacks are on the rise. This escalating threat landscape is prompting organizations across all sectors to prioritize investments in robust cybersecurity measures.Advancing Technologies:The...

Read More

Navigating the Path to a Cybersecurity Career in Australia or anywhere : Roles, Opportunities, and Guidance

Embarking on a career in cybersecurity is an exciting journey filled with opportunities for growth and learning. With the ever-evolving digital landscape, the demand for skilled cybersecurity professionals continues to rise, making it an ideal time to explore this dynamic field. In this post, we will delve into the various roles available in cybersecurity, including specialized positions, and provide guidance on how to pursue them effectively in the Australian market1. Blue Team Roles   Security Analyst: Responsible for monitoring and analyzing security events, investigating incidents, and implementing defensive measures to protect...

Read More

MGM Cyber Attack cost 110 Million

In September the hospitality and entertainment company #MGM Resorts was hit by a #ransomware attack that shut down its systems at MGM Hotels and Casinos. The incident affected #hotel reservation systems in the United States and other IT systems that run the casino floors. The company now revealed that the costs from the #ransomware attack have exceeded $110 million. The company paid third-party experts $10 million to clean up its systems. Allegedly, a criminal gang made up of U.S. and U.K.-based individuals that cybersecurity experts call #Scattered Spider (aka Roasted 0ktapus, UNC3944 or Storm-0875) initiated a social engineering attack that...

Read More

Developing and implementing security controls for Azure Active Directory (Azure AD)

Today we will share the list of things you need to consider for Developing and implementing security controls for Azure Active Directory (Azure AD):1. Identify Azure AD Assets:   - Create an inventory of all Azure AD assets, including user accounts, groups, applications, service principals, and Azure AD resources.   - Document the purpose and sensitivity level of each asset.   - Classify assets based on their importance and criticality to the organization, considering factors such as the data they provide access to or the applications they authenticate.2. Perform a Risk Assessment:   - Identify potential...

Read More

Explore Microsoft Bing Chat

 Explore Microsoft Bing Chat is a new feature that allows business users to interact with Microsoft Bing in a conversational way. You can ask Microsoft Bing questions, get insights, create content, and more in natural language. Microsoft Bing responds with informative, intuitive, logical, and actionable responses to help you get things done faster and easier.   In this blog post, we'll show you how to use Discover chat on Microsoft Bing and how it can benefit your work.  Here are some steps to get started: Go to https://www.bing.com and click  the chat icon in the lower right corner of the screen.  Select...

Read More

Recommendations for Mitigating BianLian Ransomware Group attack

To enhance your organization's cybersecurity posture and counter the activities of the BianLian Ransomware Group, we advise implementing the following mitigations. These measures align with the Cross-Sector Cybersecurity Performance Goals (CPGs) developed by CISA and NIST (the National Institute of Standards and Technology). The CPGs outline a minimum set of practices and protections recommended for all organizations, based on existing cybersecurity frameworks and guidance that target common and impactful threats and tactics.1. Reduce the risk of malicious actors using remote access tools by taking the following actions:   - Conduct...

Read More

Are you ready to break into the exciting and dynamic world of cybersecurity?

Are you ready to break into the exciting and dynamic world of cybersecurity? It's not just a job, it's a lifestyle that attracts a passionate and innovative community of professionals. If you're eager to join their ranks, follow these 10 steps to cheat your way to success!1.Build a Strong Foundation - turbocharge your career with a comprehensive education in cybersecurity, available through a variety of programs like bootcamps, online courses, degrees, or certifications.2. Master Technical Skills - impress potential employers by developing a wide range of technical proficiencies, including hardware, software, Windows/Linux, networking, vulnerability...

Read More

Ransomware Response Plan

Here are the key steps for an effective response plan:  1. Don't Panic: - Stay calm and act purposefully when targeted by ransomware. - Seek help from security vendors or report the incident to your insurance company.  2. Isolate Your Systems and Stop the Spread: - Identify the range of the attack and implement network-level blocks or device-level isolation. - Utilize endpoint detection and response (EDR) technology to block the attack at the process level. 3. Identify the Ransomware Variant: - Determine the specific strain of ransomware to understand its behavior and possible decryption options.  4....

Read More

Chat GPT Alternatives

OpenAI’s Chat GPT offers the reality of high-performing AI chatbots. The purpose of these chatbots is to communicate with users in a conversational manner. And being open source, users can suggest any improvements. As a result, this technology has taken the internet by storm. Millions of users are using it, but there have been some issues with this chatbot. Particularly when Chat GPT is at capacity and users cannot access it.Therefore it’s good to know about some quality Chat GPT alternatives. Here are some options that can help you to level up with AI more easily if Chat GPT is not working for you. Some are more complex, and others far...

Read More

What is Phishing and key points to remember

What is phishingPhishing is a type of online scam in which attackers send fraudulent emails or create fake websites with the intention of tricking individuals into divulging sensitive information such as login credentials, credit card numbers, and other financial information. The attackers often pose as trusted organizations or individuals and use various tactics to persuade the victim to click on a link or download an attachment. The link or attachment may contain malware that can infect the victim's device or redirect the victim to a fake website where they are prompted to enter their personal information.Phishing attacks can be difficult to...

Read More

How to become a successfull cyber security engineer from cyber security analyst

Here are some steps you can take to become a successful cyber security engineer from a cyber security analyst:Build your technical skills: As a cyber security analyst, you may already have a strong foundation in cyber security technologies and practices. However, to become a cyber security engineer, you should aim to expand your technical skillset and knowledge in areas such as network security, security architecture, and system design.Gain practical experience: Hands-on experience is crucial in the field of cyber security. Consider volunteering for security-related projects or internships to gain practical experience and build your portfolio.Pursue...

Read More

What are the key tools to know for cyber security engineering role

Here are some key tools that are commonly used in cyber security engineering roles:Network monitoring tools: These tools allow security engineers to monitor network traffic and identify unusual activity or potential threats. Examples include Wireshark, Splunk, and SolarWinds.Vulnerability scanners: These tools scan systems and networks for known vulnerabilities and provide recommendations for remediation. Examples include Nessus, Qualys, and Rapid7.Security information and event management (SIEM) systems: These systems collect and analyze security-related data from various sources to identify potential threats and provide alerts. Examples include...

Read More