Our Vision

To give customers the most compelling IT Support experience possible.

Our Mission

Our mission is simple: make technology an asset for your business not a problem.

Our Values

We strive to make technology integrate seamlessly with your business so your business can grow. As your technology partner, when your business grows ours will grow with you, therefore, we will work hand in hand with you to support your growth.

Our Values

We develop relationship that makes a positive difference in our customers Business.

Our Values

We exibit a strong will to win in the marketplace and in every aspect of our Business

Monday, July 12, 2021

Insider Threat

 
An Insider can be ANYONE Employee, Contractor, Business Partner, etc. with the right motive and means, and can have a Tactics at their disposal, that will put an organization’s assets at risk. An organization must Think Outside The Box to successfully detect and mitigate the risks posed by Insiders.
 

 
 
Malicious Insiders don’t care about compliance regulations. They just look for security gaps and vulnerabilities within an organization, to achieve their objectives. The impacts from Insider Threat incidents can be very severe, costly and damaging. 
 
Not all incidents by Insiders are malicious. Non-Malicious Insider incidents can be just as damaging as malicious incidents. Given this threat landscape, it is imperative that critical infrastructure entities prioritize and dedicate resources to preempt and/or mitigate insider threat.
 
To help The National Counterintelligence and Security Center (NCSC) issued “Insider Threat Mitigation for U.S. Critical Infrastructure Entities: Guidelines from an Intelligence Perspective. Read on attached document if you interested .  insider threat 
 
Related to this is another whitepaper by Simone (Cy) Genna publish by SANS Title: Information Security Starts with the Employees which you can download from here 
 
 
 
#cybersecurity #informationsecurity #databreach #datasecurity #intelligence #infrastructure #risk

Sunday, July 4, 2021

Kaseya VSA Supply-Chain Ransomware Attack

After #printnightmare Another High Alert for Security Community and administrators. No weekend or holidays for #cybersecurity .

#Kaseya VSA Supply-Chain #Ransomware Attack by ransomware group REvil is exploiting vulnerable instances of Kaseya VSA globally. 

Kaseya VSA is a platform that provides endpoint management and network monitoring. Anyone who is currently using or has a MSP that is running #Kaseya software has potentially been compromised! 

Once inside the supplier’s system, attackers use it as a jumping off point to access its customers’ networks too. Then they install ransomware, which locks up victims’ data, only releasing it once a ransom payment has been made.


It is recommend organisations follow the advice provided by Kaseya, to immediately #shutdown your Kaseya server until further notice. 

So far 200 US company affected and one of Sweden's biggest grocery chains, closed all of its 800 stores today after this attack as they were unable to operate its cash registers.

Technical Details: Kaseya supply chain attack Indicators of Compromise (IOCs)

HASHES (SHA256) d55f983c994caa160ec63a59f6b4250fe67fb3e8c43a388aec60a4a6978e9f1e e

2a24ab94f865caeacdf2c3ad015f31f23008ac6db8312c2cbfb32e4a5466ea2 8

dd620d9aeb35960bb766458c8890ede987c33d239cf730f93fe49d90ae759dd 

More info available here: https://lnkd.in/gJ5hfD2 S

someone rightly said Cybercriminals are awful for a whole bunch of reasons, but especially for ruining long weekends and holidays for IT professionals over and over again. Be nice to your IT team. They're the ones working through the nights and weekends to protect you from these scum. 

 #ThreatHunting #IOC #REvil #KaseyaVSA #KaseyaHacked #KaseyaVSA #MSP

Saturday, July 3, 2021

Print Spooler vulnerability PrintNightmare

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. 

An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. Attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

 Due to the possibility for exposure, domain controllers and Active Directory admin systems need to have the #Print #spooler service disabled. Do It now and save yourself from Print spooler vulnerability CVE-2021-34527 #printnightmare

see the flowchart to determine if you required to disable print spooler now


If disabling the Print Spooler service is appropriate for your organisation you can do the following way.

1. The recommended way to do this is using a Group Policy Object via

Computer Configuration > Administrative Templates > Printers >>

Disable the “Allow Print Spooler to accept client connections:” policy to block remote attacks 

 2. You can also use the following PowerShell commands:

 Stop-Service -Name Spooler -Force 

 Set-Service -Name Spooler -StartupType Disabled

 Good Luck. 

 #windows #printer #printnightmare


Saturday, June 26, 2021

Commmon Cyber Security Terms

Real life example of Cyber risk response.  This might help you to understand some key concept in cyber world. After all, Cyber Security don't have to be boring, right. Then read on, this might help you smile. 


 

Threat Actors = someone who wants to punch you in the face. 

Threat = the punch being thrown.

Severity = whether you fall down after the punch, and how long it might take for you to stand up again.

Vulnerability = your inability to defend against the punch 

Risk = the likelihood of getting punched in the face  

Acceptable Risk = your willingness to be punched in the face  

Attack Surface = the size and shape of your face 

Impact = broken nose, medical bills, lost time at work
Single loss event = one tooth,
Risk appetite = number of teeth willing to part with,
Compensating control = dentures / Mate who was in the special forces'
Vulnerability Assessment = checking the size and shape of your face
Compliance = how you think this all works until you've been punched in the face
Risk posture = whether you know that talking shit in a pub is likely to get you punched in the face or not.
RTO = how long it takes you to regain consciousness
RPO = how much you forget when you blacked out 

Cyber Risk Insurance = your mates at the pub betting on if you can "talk that kinda shit" and not get punched in the face 

 


Penetration testing / PEN TEST = saying "boo" very loudly to see if you'll protect your face 

Red Team = boxing 

Exploit = the fist 

0day = kick in the groin  

Side channel = your wallet being nicked whilst you are being punched in the face.

APT = a mate who also wants to punch you in the face 

Unhackable = Pissing off professional boxers while bragging about your knowledge of Karate.

Bounty Hunter = someone who promises to wear gloves when they punch you if you promise to pay them based on where they punch you 

Bug Crowd = cage fight organizer.



Security stack /  Blue Team = your mates at the pub with you 

Patch Tuesday = your weekly gym visit

Alert = friend who calls an ambulance.
Investigation
➡️ triage: the EMTs who arrive.
Incident response: the doctors who remediate your punched face.
Digital forensic: documenting your injuries to reconstruct the type of punch in detail.
Threat Intelligence = pointing at a person that has a history of punching people in the face.i e, “Bob’s going to come at you with a right cross” 

Air gap = avoiding the pub by staying at home
DEFCON presentation = all of your friends getting drunk in Las Vegas watching video of you being punched in the face.



Enjoy your day.

credit: it all started from caseyjohnellis @cje twitter account

Thanks  Faysal Hasan  Connect with me in Linked In

Windows 11 is here . all new features and exciting things to come ..

  Windows11 is here. From the official release that details new features for windows11


 
Windows11 is also secure by design, with new built-in security technologies that will add protection from the chip to the cloud, while enabling productivity and new experiences. Windows 11 provides a Zero Trust-ready operating system to protect data and access across devices.

The team have worked closely with OEM and silicon partners to raise security baselines to meet the needs of the evolving threat landscape and the new hybrid work world.

 


Windows 11 unlocks the full potential of your system’s hardware, putting some of the latest #gaming technology to work for you. Like: DirectX 12 Ultimate, which can enable breathtaking, immersive graphics at high frame rates; DirectStorage for faster load times and more detailed game worlds; and Auto HDR for a wider, more vivid range of colors for a truly captivating visual experience.



Also Windows 11 will be bringing #Android apps to Windows for the first time. Starting later this year, people will be able to discover Android apps in the Microsoft Store and download them through the #Amazon Appstore – imagine recording and posting a video or using Khan Academy Kids for virtual learning right from your PC.



Windows 11 will be available through a free upgrade for eligible Windows 10 PCs. To check if your current Windows 10 PC is eligible for the free upgrade to Windows 11, visit Windows.com to download the PC Health Check app


Here is the official release details  Link https://blogs.windows.com/windowsexperience/2021/06/24/introducing-windows-11/


Twitter Facebook Favorites More