Frustration is my fuel
In a new blog series we are going to be configuring Microsoft Intune from scratch. If you have not used it before and don't know where to start then this is the blog for you. We'll be covering the basics of creating App control, compliance, and antivirus policies, device configuration templates and auto enrolment settings. …
What is it? Priority Account Protection allows you to "tag" accounts as a priority accounts and enables additional protection for malicious email patterns which commonly target company executives, and highly targeted employees. It also provides extra visibility for alerts and investigations which can help improve reporting. This is a great feature as we are now …
Patch Management. Yes it's a thankless and impossible task but that's not a reason to give up. Here in the UK, if you want to meet requirements of the NCSC backed Cyber Essentials Plus scheme you need to be using in-support operating system versions and patch critical and high rated vulnerabilities in applications and software …
Continue reading "Cyber Security is easy, right? – Patch Management"
Technology can only take you so far. So, you've done everything you were told to do. You understand you have blind spots and weaknesses, you want to improve your cyber security posture, and have assigned a realistic budget to finance the improvements. You watch demonstrations of all the latest products available, and you're convinced they …
Continue reading "Cyber Security is easy, right? – Tech can only take you so far."
I’m sure you’ve all seen the news surrounding the latest hack involving Last Pass, and all the subsequent stories and blogs ranging from “everything is fine, no need to panic”, right through to “if you use Last Pass then your world is over”, but to an average user in the real world, what does this …
After years of hosting and maintaining the site and servers myself on Digital Ocean I've bitten the bullet and migrated to hosting it on WordPress.com I have found myself with less and less time to maintain the site and the backend and so have moved to the WordPress hosted version to reduce the admin overhead …
After having the channel taken down and most of the content deleted a little over a year ago, YouTube have now announced that the channel was taken down in error and did not breach their terms and conditions. Quite a remarkable U-Turn to be honest, however no sour grapes, just happy to have the channel …
While trying to update a server today I was receiving a dpkg error warning that the disk was full. This blog is me simply going through my trial and error process to eventually solving the problem. MAKE SURE YOU BACK UP YOUR ASSET (SERVER) BEFORE DOING ANYTHING LIKE THIS!!! A simple cmd will show disk …
Continue reading "How to remove old Kernel and header versions."
Mutillidae is a great open source project you can use to tech yourself webapp security, which is maintained by @webpwnized, and is great for learning how to secure webapps, check it out A quick video showing why you need both server and client side input validation. Here we bypass client side validation using Burp Suite …
Continue reading "Mutillidae Solution (Bypass Client Side Validation)"
If you have a Microsoft Web Server and you need to disable certain Crypto suites, for example ensure that you are not using SSL 2.0 or 3.0 or DES 56/56! Then IIS Crypto is a great tool for that.Firstly go to ssllabs and run a scan on your site.Once you have the results if there …
Continue reading "IIS Crypto (Managing Cypher Suites in IIS Servers)"
@2codemonte 