Our Vision

To give customers the most compelling IT Support experience possible.

Our Mission

Our mission is simple: make technology an asset for your business not a problem.

Our Values

We strive to make technology integrate seamlessly with your business so your business can grow. As your technology partner, when your business grows ours will grow with you, therefore, we will work hand in hand with you to support your growth.

Our Values

We develop relationship that makes a positive difference in our customers Business.

Our Values

We exibit a strong will to win in the marketplace and in every aspect of our Business

Increased risk of phishing scams following CrowdStrike outage




The Australian Signals Directorate has issued a warning about an increased risk of phishing scams following yesterday's CrowdStrike outage.

According to the alert, ASD’s ACSC has identified numerous malicious websites and unofficial code claiming to assist entities in recovering from the widespread outages caused by the CrowdStrike technical incident.

ASD’s ACSC strongly advises all consumers to obtain their technical information and updates directly from official CrowdStrike sources only. [Learn more here]https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/widespread-outages-relating-crowdstrike-software-update?fbclid=IwZXh0bgNhZW0CMTEAAR1veIrKLYJrloZIx7AvqS6Nlqv3UfvENiPg6lVbHUhffjbS_7HBzNQEGdI_aem_TUaGcC36MEN9SJxw0OUTnQ


It appears that threat actors are exploiting the #CrowdStrike situation through #phishing and #spoofing campaigns.

Here is a list of newly created domains https://urlscan.io/search/#crowdstrike*

Before clicking on any links, use tools like Domain Dossier, URLscan.io, and VirusTotal to check their authenticity — because threat actors never miss an opportunity to exploit a disaster.

#threatactors #hackers #CrowdStrike #phishing #urlscan #cybertip #VirusTotal #ASD #ACSC #AISA #Australia

Crowdstrike Global IT outage affecting computers around the world

A current worldwide #CrowdStrike issue causing #BSOD. Seen reports from  AU, NZ ,Japan, India. And Europe. The global computer outage affecting airports, banks and other businesses.

CrowdStrike’s cybersecurity software — used by numerous Fortune 500 companies, including major global banks, healthcare and energy companies — detects and blocks hacking threats. Like other cybersecurity products, the software requires deep-level access to a computer’s operating system to scan for those threats. In this case, computers running Microsoft Windows appear to be crashing because of the faulty way a software code update issued by CrowdStrike is interacting with the Windows system.

This issue is not impacting Mac- or Linux-based hosts

Some servers on perm and cloud and devices are not resuming correctly and are getting stuck in boot loops that have #Crowdstrike.

Some seen successful reboots which work for about 15 mins and then they stop and then go back into a boot loop.

Technical Breakdown

1. Crowdstrike publishes a content update for their threat feed, which is basically a list of patterns of “bad things” 

2. Software agents get this update and apply the controls to block things that match this pattern 

3. The update has a pattern which matches a critical Windows process but the software blocks it anyway

4. Windows crashes with a Blue Screen of Death (BSOD) and reboots 

5. On reboot, CrowdStrike kills the process again and Windows reboots

6. And it’s now a loop… There are various ways of fixing this but for most systems it will involve physically visiting every affected system, booting into “safe mode” and fixing the problem manually. 

For some cloud systems though, such as AWS, “safe mode” is not even possible so this fix doesn’t work. The virtual servers will need to be shut down, their disks cloned, attached to another server, edited to remove the offending files and then finally reattach to the original server.

BUT, if you’re protecting your data and using encryption at rest, you need to manually decrypt the disk with a BitLocker Recovery Key, which is probably - for most companies


Updated workaround steps:

Boot Windows into Safe Mode or the Windows Recovery Environment

Navigate to the C:\Windows\System32\drivers\CrowdStrike directory

Locate the file matching “C-00000291*.sys”, and delete it.


Boot the host normally.

Crowdstrike published a post with updated details for quering machine and how to fix here

https://www.crowdstrike.com/blog/statement-on-falcon-content-update-for-windows-hosts/


This is really just a good reminder of how MANY systems are dependent on IT. 

Technology is engrained in every part of our lives. We don’t notice it when it’s working well. We only notice when something goes wrong. No one talks about how many millions of attacks were stopped, or upgrades that went smoothly. Everyone remembers the ones that didn't.

#Crowdstrike #update #BSOD #EDR #outage #ITissue


Free cyber security course. Delve into essential cybersecurity NIST Risk management frameworks

 🌟 Exciting Announcement Alert! Last week, NIST took a significant step in advancing cybersecurity education by releasing four introductory courses covering their flagship publications for FREE! 🆓



📘 Delve into essential cybersecurity frameworks with courses on:

- NIST SP 800-37, Risk Management Framework (RMF) 

- NIST SP 800-53, Security and Privacy Controls for Information Systems and Organizations

- NIST SP 800-53A, Assessing Security and Privacy Controls in Information Systems and Organizations

- NIST SP 800-53B, Control Baselines for Information Systems and Organizations


🔍 These meticulously curated courses offer unparalleled insights into cybersecurity best practices, delivered in a concise format designed to optimize learning efficiency. With just 60 minutes required for each course, professionals can easily incorporate this valuable knowledge into their busy schedules.


But the excitement doesn't stop there! NIST has also unveiled a comprehensive crosswalk between NIST CSF 2.0 and NIST SP 800-53, providing invaluable guidance for cybersecurity practitioners navigating these frameworks.


Some common question and answer regarding the course

Q: Are these courses self-guided or instructor-led?

A: The courses provided are self-guided online courses.


Q: Is there a fee to access these courses?

A: No. The NIST materials provided on the CSRC website, including the RMF and SP 800-53 series introductory courses, are free to any interested party.


Q: Is registration required?

A: No. Registration is not required to access the courses.


Q: Is there a quiz at the end of each course?

A: No, there are no quizzes at the end of each course. The material in each course is provided for informational purposes only.


Q: Are certificates issued upon completion of the courses?

A: At the end of each course presented on this NIST website, a certificate of course completion is provided as a courtesy. The certificate only identifies that the course material was viewed and does not attest to any qualifications, knowledge, or skill level resulting from the completion of the course.


Q: How do I print the certificate of completion?

A: Use the browser's print option, generally found in the browser menu, to print or capture a PDF of the course certificate. Please add your name and the date of completion to the certificate.


🔗 Dive into these invaluable resources today! Links to the crosswalk and courses can be found in here https://csrc.nist.gov/Projects/risk-management/rmf-courses


.Let's elevate our cybersecurity expertise together!


 💼 #NIST #Cybersecurity #ProfessionalDevelopment #KnowledgeIsPower

Securing Your Future: The Bright Outlook for Careers in Cybersecurity

The Bright Future of Careers in Cybersecurity. Explore the thriving job market, competitive salaries, and abundant growth opportunities in cybersecurity careers. Discover why a career in cybersecurity offers both financial rewards and the satisfaction of protecting our digital world



The landscape of cybersecurity careers is experiencing a significant uptrend, fueled by several driving forces:


Rising Cyber Threats:

The frequency, complexity, and cost of cyberattacks are on the rise. This escalating threat landscape is prompting organizations across all sectors to prioritize investments in robust cybersecurity measures.


Advancing Technologies:

The widespread adoption of cloud computing, mobile devices, and the Internet of Things (IoT) is expanding the attack surface for cyber threats. As a result, there is a growing need for skilled professionals to secure these evolving technologies.


Increased Awareness:

With cyberattacks making headlines, both businesses and individuals are increasingly recognizing the critical importance of cybersecurity. This heightened awareness is translating into a greater demand for qualified cybersecurity professionals across industries.


Here are four promising trends to consider when contemplating a career in cybersecurity:


1. Favorable Job Market:

According to recent projections from reputable sources, the global cybersecurity workforce is projected to face a shortage of millions of professionals by 2024. This significant talent gap indicates a thriving job market for individuals with the requisite skills and expertise.


2. Competitive Compensation:

Given the high demand for cybersecurity skills, professionals in this field can anticipate competitive salaries. Many positions offer lucrative earning potential, reflecting the value placed on cybersecurity expertise by organizations worldwide.


3. Abundant Growth Opportunities:

The cybersecurity landscape is dynamic and ever-evolving, presenting numerous avenues for career advancement and skill development. Professionals can specialize in various domains, pursue leadership roles, or explore adjacent fields such as cybercrime investigation.


4. Fulfilling Career Trajectory:

Beyond financial incentives, a career in cybersecurity offers the gratification of safeguarding sensitive information and critical infrastructure. It is a profession where individuals can actively contribute to protecting the digital realm and making a tangible difference in securing our interconnected world.


In conclusion, the outlook for cybersecurity careers is exceptionally promising, with abundant opportunities for growth, competitive compensation, and the chance to make a meaningful impact. For those considering a career in cybersecurity, the future is indeed bright and brimming with potential.



Navigating the Path to a Cybersecurity Career in Australia or anywhere : Roles, Opportunities, and Guidance

Embarking on a career in cybersecurity is an exciting journey filled with opportunities for growth and learning. With the ever-evolving digital landscape, the demand for skilled cybersecurity professionals continues to rise, making it an ideal time to explore this dynamic field. 


In this post, we will delve into the various roles available in cybersecurity, including specialized positions, and provide guidance on how to pursue them effectively in the Australian market

1. Blue Team Roles

   Security Analyst: Responsible for monitoring and analyzing security events, investigating incidents, and implementing defensive measures to protect an organization's systems and data.

   Security Operations Center (SOC) Analyst: Works in a SOC environment, monitoring security alerts, triaging incidents, and responding to threats in real-time.

   Incident Responder: Focuses on incident detection, containment, and recovery, coordinating response efforts during security breaches or incidents.


 Getting Started: Entry-level positions often require foundational knowledge of cybersecurity principles and tools. Pursue certifications like CompTIA Security+ and gain experience through internships, entry-level roles, or hands-on projects.


2. Red Team Roles:

   Penetration Tester (Pen Tester): Conducts authorized simulated attacks on systems and networks to identify vulnerabilities and assess security posture.

   Ethical Hacker: Utilizes hacking techniques and methodologies to identify and address security weaknesses in systems and applications.

   Security Consultant: Provides expertise in assessing and improving security controls, conducting security assessments, and recommending remediation measures.


   Getting Started: Develop technical skills in penetration testing, network security, and ethical hacking through hands-on labs, capture-the-flag (CTF) competitions, and certifications like Certified Ethical Hacker (CEH) or Offensive Security Certified Professional (OSCP).


3. Compliance and Governance Roles:

   Governance, Risk, and Compliance (GRC) Analyst: Ensures adherence to regulatory requirements, industry standards, and internal policies, conducting risk assessments and developing compliance strategies.

   Security Auditor: Conducts audits of systems, processes, and controls to assess compliance with regulatory frameworks and industry standards.


   Getting Started: Gain knowledge of relevant regulations and standards such as GDPR, HIPAA, ISO 27001, and NIST Cybersecurity Framework. Pursue certifications like Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM).


4. Specialized Roles:

   Cloud Security Specialist: Focuses on securing cloud environments, ensuring the confidentiality, integrity, and availability of cloud-based assets and services.

   IoT Security Specialist: Addresses security challenges associated with Internet of Things (IoT) devices, networks, and ecosystems, ensuring the protection of connected devices and data.

   Industrial Control Systems (ICS) Security Analyst: Secures operational technology (OT) environments, including supervisory control and data acquisition (SCADA) systems and industrial control systems, against cyber threats.


   Getting Started: Gain specialized knowledge and skills through training programs, certifications, and hands-on experience in specific domains such as cloud security, IoT security, or industrial cybersecurity.


To pursue these roles, it's essential to continuously expand your knowledge, develop practical skills, and stay updated on emerging technologies and threats. Engage in professional development activities, participate in relevant communities and forums, and leverage networking opportunities to connect with industry professionals and explore career paths in cybersecurity. Additionally, consider pursuing advanced certifications and higher education programs to deepen your expertise and advance your career in the field


Getting Started in Cybersecurity: Your Roadmap to Success


Embarking on a career in cybersecurity can seem daunting, especially for newcomers to the field. However, with the right approach and resources, anyone can start their journey towards becoming a skilled cybersecurity professional.

Here's a comprehensive roadmap to help you get started:

1. Gain Foundational Knowledge: Begin by building a strong foundation in cybersecurity principles, concepts, and technologies. Consider enrolling in formal education programs such as cybersecurity-related courses, diplomas, or degree programs offered by universities or technical colleges. These programs cover essential topics such as network security, cryptography, risk management, and ethical hacking, providing you with a solid understanding of the fundamentals.


2. Explore Different Areas of Cybersecurity: Cybersecurity is a broad field with various specializations and career paths. Take the time to explore different areas of cybersecurity to discover where your interests and strengths lie.

The spectrum of skills required in Cyber is larger than that of most professions.

We need people who understand:

➡️ People Management

➡️ Security Compliance and Regulations

➡️ Governance and Risk Management

➡️ Legal and Ethical Considerations

➡️ Security Awareness, Training and Psychology

➡️ Engineering

➡️ Architecture

➡️ Endpoints & Networks

➡️ Secure DevOps (DevSecOps)

➡️ Threat Intelligence

➡️ Detection & Investigation

➡️ Incident Response

➡️ Security Research and Innovation

➡️ and more…


Truth is, effective Cyber Security is a team sport. One where a diverse group of people are working together, communicating and playing to our strengths.

Research roles such as security analyst, penetration tester, security consultant, or compliance officer to understand their responsibilities, required skills, and career prospects. Engage with online communities, forums, and professional networking platforms to connect with experienced professionals and learn from their experiences.


3. Pursue Certifications and Training: Certifications play a crucial role in validating your knowledge and skills in cybersecurity and are highly valued by employers. Consider obtaining industry-recognized certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM). These certifications demonstrate your expertise and commitment to the field, increasing your chances of landing a job in cybersecurity. Additionally, leverage online training platforms and resources such as Cybrary, Coursera, or Udemy to further enhance your skills and knowledge in specific areas of cybersecurity.


4. Gain Practical Experience: Hands-on experience is invaluable in cybersecurity and can significantly enhance your employability. Look for opportunities to gain practical experience through internships, co-op programs, or entry-level positions in cybersecurity-related roles. Many organizations offer internship programs specifically for cybersecurity students or recent graduates, providing valuable exposure to real-world cybersecurity challenges and environments. Additionally, consider participating in capture-the-flag (CTF) competitions, hackathons, or open-source projects to hone your technical skills and problem-solving abilities.


5. Network and Engage with the Cybersecurity Community: Networking is key to success in cybersecurity. Connect with professionals in the field, join online communities and forums, and attend industry events, conferences, and meetups to expand your network and learn from others. 

Join professional organizations like the Australian Information Security Association (AISA) or the Australian Computer Society (ACS) to connect with industry professionals and stay updated on the latest trends and developments. Attend events such as BSides, which offer networking opportunities and valuable insights into the cybersecurity community.

Engage with cybersecurity professionals on platforms like LinkedIn, Twitter, or Reddit, participate in discussions, ask questions, and seek mentorship opportunities. Building relationships with experienced professionals can provide valuable insights, guidance, and career opportunities in cybersecurity.


6. Continuously Learn and Stay Updated: Cybersecurity is a constantly evolving field, with new threats, technologies, and best practices emerging regularly. Stay updated on the latest trends, developments, and news in cybersecurity by following industry blogs, podcasts, and news sources. Subscribe to cybersecurity newsletters, join relevant online forums and communities, and participate in webinars, workshops, and training sessions to stay informed and expand your knowledge. Additionally, consider pursuing advanced certifications, attending conferences, or pursuing higher education programs to further develop your expertise and advance your career in cybersecurity.


By following this roadmap and taking proactive steps to build your skills, gain experience, and network with professionals in the field, you can kickstart your career in cybersecurity and embark on a rewarding and fulfilling journey in this dynamic and high-demand field.

Navigating a cybersecurity career in Australia requires dedication, continuous learning, and perseverance. By exploring different roles, gaining practical experience, and staying updated on industry trends, you can embark on a rewarding career path in cybersecurity and contribute to the protection of organizations against evolving digital threats.

For more guidance and resources on pursuing a cybersecurity career in Australia, stay connected with MaximisIT.net, your trusted partner in cybersecurity.

Twitter Facebook Favorites More