I am in the middle of another IT and Cyber Security audit for an organisation and as part of that report I have been asked to look at their SharePoint configuration. IT was set up in rush during the first lockdown and the board and CEO are not sure about …
The US government Cybersecurity and Infrastructure Security Agency security advisories
The US government Cybersecurity and Infrastructure Security Agency (CISA) is a trusted source of information on security updates and exploited vulnerabilities. My team use it as one of their go to resources. The latest updates include the other vendors that release updates around the same time as Microsoft’s Patch Tuesday. …
Microsoft Patch Tuesday
As promised – a reminder of Microsoft’s Patch Tuesday… This morning, our support team have been reviewing our client monitoring reports and the SOC to check that the Microsoft Patch Tuesday updates have been completed. They will keep an eye on the reports all day to check there are no …
Take care with unsolicited Teams files
A series of phishing attacks are being run using infected .zip files distributed via Microsoft Teams: Microsoft Teams phishing attack pushes DarkGate malware (bleepingcomputer.com) The zip file says it is a vacation schedule – but it is not really. A quick look at the article will show you how convincing …
Are You patched yet?
Following on from yesterdays article about using obsolete kit – almost as bad is using kit that has not been patched. There is a good reason that many of my articles here on Smart Thinking are about patches and updates, it is the most powerful cyber security step you can …
