Hi folks, just a quick share, when I’m looking for news in the Cybersecurity world, I turn to this site: https://www.trukno.com/dashboard/news Have a nice day!
Category archives: infosec
Hi everyone, quick update here to point you to my LinkedIn profile where I share interesting information regarding everything related with Cybersecurity. Check it out: https://www.linkedin.com/in/jeroenroegiers
CIS critical controls v8
https://www.cisecurity.org/controls/v8/ Check out the latest version of the CIS controls. They are a great way to assess the CyberSecurity maturity of your organization!
Information gathering
Where do I get my information? Podcasts Risky Business, Patrick Gray, https://podcasts.google.com/?feed=aHR0cHM6Ly9yaXNreS5iaXovcnNzLnhtbA&ep=14 Blueprint, John Hubbard, https://podcasts.google.com/?feed=aHR0cHM6Ly9mZWVkcy5idXp6c3Byb3V0LmNvbS8xMTQyNzIwLnJzcw&ep=14 Defense In Depth, Allan Alford & David Spark, https://podcasts.google.com/?feed=aHR0cHM6Ly9kZWZlbnNlaW5kZXB0aC5saWJzeW4uY29tL3Jzcw&ep=14 Newsletters Integriti TL/DR sec Daniel Miessler Risky.biz Twitter
PingCastle
‘Get 80 percent of your Active Directory audited in 20 percent of your time!’ That’s the catch phrase of this invaluable tool. It is a joy to use and you’ll get instant, actionable results. A must have for everyone that takes the security of it’s AD seriously. Developed by the guy that contributed to Mimikatz, …
Disabling Credential Guard
The Windows feature credential guard can be a great way to tackle the stealing of credentials out of memory, but if you want to run VMs on your Windows 10 machine, it can also be a pain in the ass… When you get the error “VMware Workstation and Device/Credential Guard are not compatible” and you’ve …
Security architecture anti-patterns
Nice write-up from the NCSC in the UK regarding common mistakes in designing IT systems and their administration. https://www.ncsc.gov.uk/whitepaper/security-architecture-anti-patterns Do you use the ‘browse-up’ method for system administration? In other words, do you use a so called ‘jump-box’ to manage your systems? Find out how you can avoid this!
Cunning phishing tactics
As you might know, phishing is the most widespread tactic to deliver malware to clients.This article discusses some new tactics and techniques used by adversaries to deliver their payload onto our computers. Stay safe and think before you click that link or open that document! https://www.pcrisk.com/internet-threat-news/16577-microsoft-reveals-fiendish-phishing-tactics
Cybersecurity awareness
I came across this nice website (h/t @johnopdenakker ) that has some sound help to improve your online cybersecurity.Check it out: https://securityplanner.org
BHIS – GPO’s that kill Kill Chains
The guys (and girls) from BHIS have put together an excellent list of GPO’s that every company that takes Information security serious, should apply. Have a look here: https://www.blackhillsinfosec.com/webcast-group-policies-that-kill-kill-chains/ “What’s a ‘kill chain’ again?”, I hear you asking. I’ve got that covered too 🙂https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html