Monday, November 25, 2024

 


CYBER SECURITY GOLD:  

Do any of your Service Accounts have "interactive logon" permissions?

IMHO, the single greatest attack surface mitigation you will ever get is to actively manage identity and access management aspects of your SERVICE ACCOUNTS.

Think about the potential... you probably have more non-human service accounts than authorized human accounts in your network... what a treasure trove of potential accounts for an attacker to compromise... not to mention third party maintenance accounts...

  • How often, if ever, do you change the passwords on ALL of your Service Accounts?
  • When was the last time you checked that NONE of your Service Accounts have been granted "interactive logon" rights, whether in error or by a threat actor in your Enterprise Network?

Here is a great PowerShell automated way to test for "interactive logon" rights for your service accounts.

Hats off to the great Guy Leech for sharing his scripting skills...

Link to PowerShell Script
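As an added illustration (my own code, not Guy Leech's linked script), the PowerShell below audits one host for the question in the title. Part A exports the local user-rights assignment with secedit and checks whether each service account's SID appears directly in "Allow log on locally" (SeInteractiveLogonRight) or "Deny log on locally" (SeDenyInteractiveLogonRight); Part B searches the Security log for 4624 events with an interactive logon type (2, 10 or 11) by those same accounts, because a right that has actually been exercised is the more urgent finding. The 30-day lookback, the scratch file name and the exclusion list of built-in service identities are assumptions; run it elevated.

```powershell
# Added example, not the linked script. Run in an elevated PowerShell on the host to audit.
# Part A: which service accounts hold SeInteractiveLogonRight ("Allow log on locally")?
# Part B: did any service account actually log on interactively (event 4624, type 2/10/11)?

$lookbackDays = 30   # assumption: how far back to search the Security log

# Identities that run services by design and are excluded from the report.
$builtIn = @('LocalSystem', 'NT AUTHORITY\LocalService', 'NT AUTHORITY\NetworkService',
             'NT AUTHORITY\LOCAL SERVICE', 'NT AUTHORITY\NETWORK SERVICE')

# Accounts that Windows services start as; ".\name" is a local account, so make it resolvable.
$serviceAccounts = Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.StartName -and ($builtIn -notcontains $_.StartName) -and ($_.StartName -notlike 'NT SERVICE\*') } |
    ForEach-Object { $_.StartName -replace '^\.\\', "$env:COMPUTERNAME\" } |
    Sort-Object -Unique

function ConvertTo-AccountSid {
    param([string]$Account)
    try {
        $nt = New-Object System.Security.Principal.NTAccount($Account)
        $nt.Translate([System.Security.Principal.SecurityIdentifier]).Value
    } catch { $null }   # e.g. a deleted or unreachable domain account
}

# ---- Part A: read the effective user-rights assignment from the local security policy ----
$inf = Join-Path $env:TEMP 'user-rights-export.inf'   # assumption: scratch file location
secedit.exe /export /cfg $inf /areas USER_RIGHTS | Out-Null
$policyLines = Get-Content -Path $inf
Remove-Item -Path $inf -Force

function Get-RightHolders {
    # Returns the SIDs (or names, for entries secedit could not resolve) assigned to a right.
    param([string[]]$Lines, [string]$Right)
    $line = $Lines | Where-Object { $_ -match "^\s*$Right\s*=" } | Select-Object -First 1
    if (-not $line) { return @() }
    ($line -split '=', 2)[1].Split(',') |
        ForEach-Object { $_.Trim().TrimStart('*') } | Where-Object { $_ }
}
$allowed = Get-RightHolders -Lines $policyLines -Right 'SeInteractiveLogonRight'
$denied  = Get-RightHolders -Lines $policyLines -Right 'SeDenyInteractiveLogonRight'

$rightsReport = foreach ($acct in $serviceAccounts) {
    $sid = ConvertTo-AccountSid -Account $acct
    [pscustomobject]@{
        Account         = $acct
        Sid             = $sid
        DirectlyAllowed = [bool]($sid -and ($allowed -contains $sid))
        DirectlyDenied  = [bool]($sid -and ($denied  -contains $sid))
    }
}
# The right is normally granted to groups (e.g. S-1-5-32-545 = Users), so a service account
# with no direct grant may still qualify through membership; compare this list against its groups.
"Principals granted SeInteractiveLogonRight: $($allowed -join ', ')"
$rightsReport | Format-Table -AutoSize

# ---- Part B: interactive logon events by service accounts ----
$interactiveTypes = @('2', '10', '11')   # Interactive, RemoteInteractive, CachedInteractive
$samNames = $serviceAccounts | ForEach-Object {
    if ($_ -match '\\') { ($_ -split '\\')[-1] } else { ($_ -split '@')[0] }   # DOMAIN\user or user@domain
}
$events = Get-WinEvent -FilterHashtable @{
    LogName = 'Security'; Id = 4624; StartTime = (Get-Date).AddDays(-$lookbackDays)
} -ErrorAction SilentlyContinue

$logonHits = foreach ($ev in $events) {
    $data = @{}
    foreach ($d in ([xml]$ev.ToXml()).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
    if (($interactiveTypes -contains $data['LogonType']) -and ($samNames -contains $data['TargetUserName'])) {
        [pscustomobject]@{
            Time      = $ev.TimeCreated
            Account   = "$($data['TargetDomainName'])\$($data['TargetUserName'])"
            LogonType = $data['LogonType']
            Source    = $data['WorkstationName']
        }
    }
}
if ($logonHits) { $logonHits | Format-Table -AutoSize }
else { "No interactive logons by service accounts found in the last $lookbackDays days." }
```

Because the right is almost always granted to groups such as Users rather than to individual accounts, a blank DirectlyAllowed column is not a clean bill of health: compare the printed grantee list with each service account's group membership, or push "Deny log on locally" to your service accounts through Group Policy and let Part B confirm that it is being enforced.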


CYBER SECURITY SECRET WEAPONS

Every once in a while your tax dollars actually do some great work!

The folks at CISA.GOV have been hard at work, enhancing their great SCUBA & SCUBA GOGGLES tools.

You should get a great cup of coffee, close your office door and read up on how these tools can assist you to secure your Business Critical Software Applications that have been or are being planned to be moved to the Cloud.

CISA.GOV's new publicly available "Secure Cloud Business Applications (SCuBA) project provides guidance and capabilities to secure agencies’ cloud business application environments and protect federal information that is created, accessed, shared and stored in those environments."

SCuBA will help secure Federal Civilian Executive Branch (FCEB) information assets stored within cloud environments through consistent, effective, modern, and manageable security configurations.

EXECUTIVE SUMMARY: 

https://www.cisa.gov/resources-tools/services/secure-cloud-business-applications-scuba-project

SCUBA GITHUB REPOSITORY:

https://github.com/cisagov/ScubaGear

SCUBA GOGGLES GITHUB REPOSITORY:

https://github.com/cisagov/Scubagoggles

SCUBA FAQs:

https://www.cisa.gov/sites/default/files/2024-04/CSSO-SCuBA-FAQ-FINAL_508c.pdf

POWERSHELL MAGIC:  Validating Windows Update for Patching Excellence!

Linked below is a great POWERSHELL script and article on validating Windows Update installations across your enterprise's installed system base.

  • Did the patches "take"?
  • Do I need to re-install?
  • Do I need to reboot?

As always, Guy Leech is an excellent resource...

Link to PowerShell status script
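As an added example (my own code, not the linked script or article), here is a PowerShell function that answers the three bullets above for a list of hosts over WinRM: it checks for a specific KB with Get-HotFix, reads the recent update history through the Windows Update Agent COM API to see whether the install succeeded or failed, and tests the standard reboot-pending markers (the WUA SystemInfo object plus the well-known registry keys). The KB number and the host names in the usage line are placeholders.

```powershell
# Added example, not the linked script. Queries one or more hosts for: whether a given KB is
# installed, the most recent Windows Update results (did the patch "take"?), and whether a
# reboot is still pending. Requires WinRM (Invoke-Command) on the targets.

function Get-PatchStatus {
    param(
        [Parameter(Mandatory)][string[]]$ComputerName,
        [string]$KB = 'KB1234567',   # placeholder: the update you are validating
        [int]$HistoryCount = 20      # how many recent history entries to inspect
    )
    Invoke-Command -ComputerName $ComputerName -ArgumentList $KB, $HistoryCount -ScriptBlock {
        param($KB, $HistoryCount)

        # 1. Is the specific hotfix present on this host?
        $installed = [bool](Get-HotFix -Id $KB -ErrorAction SilentlyContinue)

        # 2. Recent update history via the Windows Update Agent COM API.
        #    ResultCode: 2 = Succeeded, 3 = SucceededWithErrors, 4 = Failed, 5 = Aborted
        $session  = New-Object -ComObject Microsoft.Update.Session
        $searcher = $session.CreateUpdateSearcher()
        $total    = $searcher.GetTotalHistoryCount()
        $history  = @()
        if ($total -gt 0) { $history = @($searcher.QueryHistory(0, [Math]::Min($HistoryCount, $total))) }
        $resultNames = @{ 2 = 'Succeeded'; 3 = 'SucceededWithErrors'; 4 = 'Failed'; 5 = 'Aborted' }
        $latest = $history | Sort-Object Date -Descending | Select-Object -First 1
        $failed = @($history | Where-Object { $_.ResultCode -in 4, 5 } | ForEach-Object { $_.Title })

        # 3. Reboot still required? Ask the WUA API and check the servicing markers it may miss.
        $rebootApi  = (New-Object -ComObject Microsoft.Update.SystemInfo).RebootRequired
        $rebootKeys = @(
            'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired',
            'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending'
        )
        $rebootReg = @($rebootKeys | Where-Object { Test-Path $_ }).Count -gt 0
        $pfro = (Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager' -ErrorAction SilentlyContinue).PendingFileRenameOperations
        $rebootPending = [bool]($rebootApi -or $rebootReg -or $pfro)

        # Map the findings onto the three questions: re-install, reboot, or nothing to do.
        $action = 'OK'
        if (-not $installed -or $failed.Count -gt 0) { $action = 'Re-install' }
        elseif ($rebootPending)                      { $action = 'Reboot' }

        [pscustomobject]@{
            Computer      = $env:COMPUTERNAME
            KBInstalled   = $installed
            LastUpdate    = if ($latest) { $latest.Title } else { $null }
            LastResult    = if ($latest) { $resultNames[[int]$latest.ResultCode] } else { $null }
            FailedUpdates = $failed -join '; '
            RebootPending = $rebootPending
            Action        = $action
        }
    }
}

# Usage (host names and KB are placeholders):
# Get-PatchStatus -ComputerName 'SERVER01', 'SERVER02' -KB 'KB1234567' | Format-Table -AutoSize
```

Pipe the output to Export-Csv and you have a repeatable post-patch-Tuesday artifact: the Action column tells you which hosts need a re-install versus a reboot, and the FailedUpdates column names the updates to chase.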

Reduce day to day repetitive tasks...

Reduce Human Error...

Focus on being proactive, don't wait for your customers to tell you something is off kilter... 

Focus on positive, easily repeatable business outcomes...

AUTOMATE EVERYTHING!

 

Tuesday, November 5, 2024

HOLIDAY CYBER SECURITY BEST PRACTICES

Below are some helpful tips to minimize your chances of having your Debit or Credit Cards compromised this Holiday Season and for everyday use…

Here's hoping everyone has an amazing and safe 2024 Holiday Season!

If you have questions or comments, please feel free to reach out.

1. KEEP THINGS UP TO DATE:

   a. Keep your electronic devices up to date.

   b. Check for Operating System patches and apply them.

   c. Check for Software updates and apply them as soon as practical.

2. PASSWORDS:

   a. Change the password on your Internet Router at your home and place of business.

   b. If you are using your Web Browser's native password storage capability, please consider moving to a pure play Password Manager like the “DashLane” or “LastPass” Password Manager discussed below.

   c. Once you have migrated your passwords from your built-in Web Browser password plug-in to DashLane, delete them from your Web Browser password manager and disable it.

3. PASSWORD MANAGER:

   a. Implement a Password Manager for all of your electronic devices.

   b. I recommend the “DashLane” or “LastPass” Password Manager; it is very easy to use for Business and Home Use. It will “auto fill” your passwords if you wish and allow you to log onto “DashLane” or “LastPass” via a password or PIN for convenience.

   c. It will “synchronize” its password database across all of your electronic devices and has a convenient Web Browser Plug-In for ease of use.

4. FINANCIAL MATTERS:

   a. If you are currently storing your credit or debit card data in your Web Browser's built-in data storage, consider disabling this capability and removing all credit card data from your Web Browser.

   b. Consider using “virtual credit cards” instead of using your actual credit cards for online purchases:

      i. This Company https://privacy.com/ has an EXCELLENT virtual credit card product that will ensure that your Credit / Debit Cards are NEVER compromised by hackers again.

      ii. We highly encourage using this on all your electronic devices.

   c. Check your Bank Statements weekly during the Holiday Season.

      i. If you find a questionable transaction, call your Bank immediately and let them know.

   d. Never allow any website to store your card data.

      i. If you have allowed this in the past, take the time to remove it or call the company and have them remove it.

      ii. Or, use virtual cards from Privacy.com.

5. Use a Virtual Private Network or VPN:

   a. We recommend the PROTON VPN, which is free.

   b. A VPN has many amazing capabilities that provide 7x24x365 Cyber Security enhancements to your electronic devices.

      i. Run the PROTON VPN on your desktop computer, Laptop, Tablet and Cell Phone.

   c. There are also numerous other VPN software vendors that are quite good and easy to use:

      i. NordVPN
      ii. SurfShark VPN
      iii. Express VPN
      iv. PIA (for LINUX users)
      v. Cyber Ghost
      vi. PureVPN

6. SOCIAL MEDIA:

   a. Be careful about over sharing on social media.

      i. Criminals routinely search Facebook and other Social Media sites for key words related to Vacations during the holidays.

      ii. You might be advertising to criminals that your house will be vacant, making it an easy target for burglary.

 

Wednesday, October 23, 2024

 

CYBER SECURITY UPDATE: Task automation tools and a whole lot more...

Are you looking for ways to relieve the drudgery of repetitive tasks for your IT or Cyber Security Department?

Here are some great ideas to do just that...

How about this? "... Using Identity Governance and Azure Functions to build a Self Service Application Access Management Solution..."??

Wouldn't that be awesome!

TUTORIAL [and a whole lot more]: https://thecloudblog.net/

Have a look and treat yourself; you will find this well worth your time...


Monday, October 21, 2024

 

CYBER SECURITY PROJECTS:  Controlling your IOT devices

As a Cyber Security Practitioner, you should always be looking for ways to identify possible threats in your environment and minimize your attack surface.

Lots of talk on the Inter-webs about Internet of Things [IOT] risks but not a lot of practical information or use cases on what to do, how to quantify the risks, etc...

Here is an EXCELLENT write-up on controlling your in-home IOT devices and snooping their telemetry data feeds... undoubtedly this has marvelous Corp Enterprise Network Applications...

TUTORIAL:   https://jmswrnr.com/blog/hacking-a-smart-home-device

Monday, September 16, 2024

 

CYBER SECURITY TIDBIT:  GITHUB repository of great tools for AZURE & O-365 "Entitlement Tasks" automation


Are you a thriving Cyber Security Practitioner looking for better tools to automate drudgery and create time for more interesting projects? Look no further...

Here is an excellent GITHUB repository with a wealth of great tools for Entitlement Management for AZURE & O-365

From the CMMC perspective (or any Compliance program for that matter), these are great capabilities to automate the generation of Audit Artifacts...

The smart Cyber Security Practitioner automates everything he/she can to make time for interesting tasks...

TUTORIAL:  https://github.com/nathanmcnulty/MMS2024FLL/blob/main/entra-entitlement-management/README.md

Thursday, July 18, 2024

CYBER SECURITY TIDBITS: New version of NETEXEC drops. 

 

Take your Network Security Skill Set to the next level: look at the attack surface of your Enterprise Network from an attacker's perspective and proactively mitigate risks.


WIKI: https://www.netexec.wiki/

GITHUB: https://github.com/Pennyw0rth/NetExec?tab=readme-ov-file#readme

TUTORIAL:  https://medium.com/@nantysean/enumerating-a-corporate-network-with-netexec-7be7537b537d 


 

Thursday, April 18, 2024

CYBER SECURITY TIDBITS:  Numerous great WIN64 Security / Hacking Tools Repository

"...Privilege escalation is when a threat actor gains elevated access and administrative rights to system(s) by exploiting security vulnerabilities. By modifying identity permissions to grant themselves increased rights and admin capabilities, attackers can conduct malicious activities, potentially resulting in significant damages.

Systems have different levels of privileges, which range from basic users with limited permissions to administrators with complete control. A successful privilege escalation incident means that an attacker has managed to escalate their own privilege level, thereby gaining increased control.

Cyber attackers use privilege escalation to open up new attack vectors on a target system. This enables them to evolve attacks from simple malware infections to catastrophic data breaches and network intrusions..."

Quoted from https://www.proofpoint.com/us/threat-reference/privilege-escalation 

Bruce Schneier on "...Privilege Escalation...", the absolute Master of all things Cyber Security weighs in...

Out here in the real world, world class Cyber Security Practitioners should always be on the lookout for tools to monitor potential vulnerabilities that will alter their known attack vectors; here is a great repository of such tools...

Be that stand-out Practitioner, gain mastery with these tools, increase your Business's odds of NOT being the next to have their reputation splattered all over the front of the Wall Street Journal...

You can do it....be THAT guy or gal...

Monday, February 12, 2024

Perception is Deception - Beware your Normalcy Bias...

“...All warfare is based on deception. Hence, when we are able to attack, we must seem unable; when using our forces, we must appear inactive; when we are near, we must make the enemy believe we are far away; when far away, we must make him believe we are near...”
Sun Tzu, The Art of War

Monitoring Active Directory OUs and Group membership changes is a Category One [HIGHEST] risk mitigation strategy, absolutely... however...

Are you monitoring [and using REAL TIME ALERTING?] for all of the Domain Admin "...equivalent..." OUs and Groups?

...PROBABLY NOT...
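As an added example (my own code, not Microsoft's or ADSecurity.org's guidance), the PowerShell below builds the list of Domain Admin-equivalent groups from the adminCount attribute that AdminSDHolder stamps on protected groups (so the lesser-known ones like Account Operators and Backup Operators are caught without hand-maintaining a list), sweeps a domain controller's Security log for membership add/remove events in those groups, and registers a WMI event subscription so a new change raises an alert within seconds. It assumes the RSAT ActiveDirectory module, rights to read the DC's Security log, and that the extra watch-list groups and the lookback window suit your environment.

```powershell
# Added example, not Microsoft's or ADSecurity.org's guidance. Run as a domain admin with the
# RSAT ActiveDirectory module installed.
# Step 1: build the watch list from groups AdminSDHolder protects (adminCount = 1).
# Step 2: sweep the DC Security log for membership changes in those groups.
# Step 3: subscribe to new Security log records so the alert fires in near-real time.

Import-Module ActiveDirectory

$dc = (Get-ADDomainController -Discover).HostName | Select-Object -First 1
$lookbackHours = 24                                                # assumption
$extraGroups = @('DnsAdmins', 'Group Policy Creator Owners')       # assumption: your own additions

# Step 1: protected groups plus the explicit extras (sAMAccountName, as it appears in the events).
$watched = @(Get-ADGroup -Filter 'adminCount -eq 1' | Select-Object -ExpandProperty SamAccountName) +
           $extraGroups | Sort-Object -Unique

# Member added: 4728 (global), 4732 (local), 4756 (universal); removed: 4729, 4733, 4757.
$changeIds = 4728, 4729, 4732, 4733, 4756, 4757
$addIds    = 4728, 4732, 4756

function ConvertTo-GroupChange {
    # Flattens one 4728/4729/4732/4733/4756/4757 record into the fields an alert needs.
    param([System.Diagnostics.Eventing.Reader.EventRecord]$Event)
    $data = @{}
    foreach ($d in ([xml]$Event.ToXml()).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
    $change = 'REMOVED'
    if ($Event.Id -in $addIds) { $change = 'ADDED' }
    [pscustomobject]@{
        Time    = $Event.TimeCreated
        Change  = $change
        Group   = $data['TargetUserName']     # the group that was modified
        Member  = $data['MemberName']         # distinguished name of the principal added/removed
        Actor   = "$($data['SubjectDomainName'])\$($data['SubjectUserName'])"
        EventId = $Event.Id
    }
}

# Step 2: historical sweep of the DC's Security log.
$events = Get-WinEvent -ComputerName $dc -FilterHashtable @{
    LogName = 'Security'; Id = $changeIds; StartTime = (Get-Date).AddHours(-$lookbackHours)
} -ErrorAction SilentlyContinue
$alerts = foreach ($ev in $events) {
    $c = ConvertTo-GroupChange -Event $ev
    if ($watched -contains $c.Group) { $c }
}
"Privileged group changes on $dc in the last $lookbackHours hours:"
$alerts | Format-Table -AutoSize

# Step 3: near-real-time alerting. Subscribe to new Security records with the watched IDs.
$wql = "SELECT * FROM __InstanceCreationEvent WITHIN 5 WHERE TargetInstance ISA 'Win32_NTLogEvent' " +
       "AND TargetInstance.Logfile = 'Security' AND (" +
       (($changeIds | ForEach-Object { "TargetInstance.EventCode = $_" }) -join ' OR ') + ")"
$global:WatchedGroups = $watched   # the -Action block runs in its own scope; share via global
Register-CimIndicationEvent -ComputerName $dc -Query $wql -SourceIdentifier 'PrivGroupChange' -Action {
    $rec = $Event.SourceEventArgs.NewEvent.TargetInstance
    # InsertionStrings follow the event's EventData order: [0] MemberName, [2] group name, [6] actor.
    $s = $rec.InsertionStrings
    if ($global:WatchedGroups -contains $s[2]) {
        Write-Warning ("[{0}] event {1}: group '{2}' changed, member {3}, by {4}" -f
            $rec.TimeGenerated, $rec.EventCode, $s[2], $s[0], $s[6])
        # assumption: replace Write-Warning with your SIEM, e-mail or chat notifier
    }
}
# Unregister-Event -SourceIdentifier 'PrivGroupChange'   # stop the subscription when done
```

The adminCount trick has one blind spot worth knowing: AdminSDHolder only stamps the default protected groups and their nested members, so groups you have delegated real power to (DnsAdmins, anything holding GPO edit rights, the local Administrators on your DCs) must be added by hand, which is what the extras list is for.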

If you're looking for a spot near and dear to your CISO's heart, couple this with the one-two punch of implementing some top shelf DNS Security Monitoring like "Digital Defense Cloud" from the great folks at ThreatSTOP in Carlsbad California; you can thank me later...

As Will Smith would say, "...get jiggy wit it!..." and REALLY minimize your attack surface and risk posture by getting this set up today!

A brief musical interlude...

See the attached articles and, if you really want the inside scoop, check out the excellent companion article at ADSECURITY.ORG for more on this topic.

SOME EXCELLENT REFERENCES on AD GROUP and OU monitoring, not for the faint of heart...

Microsoft Guidance

From the pros @ ADSECURITY.org

Tuesday, January 9, 2024

Part Two: Effortless Credential Harvesting

"...One popular means of credential access is the use of Mimikatz, described as the “AK47 of cyber”. The OverWatch team regularly sees Mimikatz used by both targeted adversaries and pen testers..."

Quote from CrowdStrike Co-Founder, Dmitri Alperovitch.

BOTTOM LINE UP FRONT:

Risk Awareness... it's got to be a cornerstone of your Attack Prevention Strategy... where can you get a "...Cyber Security Early Warning System?..."

Since I am not attempting to sell you anything, I'll tell you the truth... you need a stellar DNS Security Tool as the Crown Jewel of your Attack Prevention Strategy.  There are many players, mostly Johnny-come-latelies on the far side of the Technology Adoption Curve, fighting over the crumbs in the marketplace.

One of the only Companies we recommend to our customers is "ThreatSTOP" from Carlsbad CA.  They have the de facto competitive advantage: the creator of DNS, Dr. Paul Mockapetris, is their Chief Scientist and has been on their team for over seventeen years. Hard to beat that!

SOME EXCELLENT REFERENCES on MIMIKATZ BASED CREDENTIAL HARVESTING

the BEST explanation ever!

 Also great analysis..

 Great walk thru of a Mimikatz Credential Harvesting Attack

 Great non-technical backgrounder...