#defensivesecurity — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #defensivesecurity, aggregated by home.social.
-
The cybersecurity certification landscape
https://negativepid.blog/the-cybersecurity-certification-landscape/#defensiveSecurity #threatHunting #forensics #offensiveSecurity #ethicalHacking #cybersecurityCareers #cybersecurityCerts #certifications #Cybersecurity #ITcareers #onlineSecurity #negativepid
-
The cybersecurity certification landscape
https://negativepid.blog/the-cybersecurity-certification-landscape/#defensiveSecurity #threatHunting #forensics #offensiveSecurity #ethicalHacking #cybersecurityCareers #cybersecurityCerts #certifications #Cybersecurity #ITcareers #onlineSecurity #negativepid
-
The decades-old Finger protocol is being abused in new ClickFix malware campaigns. Attackers are using Finger to pull remote commands onto Windows systems, leading to Python-based malware or NetSupport RAT infections. Newer variants even check for analysis tools before execution.
Anyone else seeing Finger traffic or legacy protocol misuse recently?
Follow for more updates.#Malware #ClickFix #InfoSec #ThreatIntel #WindowsSecurity #CyberSecurity #RAT #LegacyProtocols #DefensiveSecurity
-
📋 Server Security Checklist — Essential Hardening Guide 🛡️
Securing servers is critical to protect sensitive data, applications, and networks. Here’s a quick checklist every sysadmin and security engineer should follow to reduce risk and strengthen resilience. ⚡🔐
1️⃣ System & OS Hardening
🔹 Keep OS and packages updated (apply patches regularly).
🔹 Remove or disable unused services & software.
🔹 Configure secure boot and BIOS/UEFI passwords.2️⃣ Access Control
🔹 Enforce strong passwords + MFA for all accounts.
🔹 Use role-based access (least privilege).
🔹 Disable root/administrator login over SSH/RDP.3️⃣ Network Security
🔹 Restrict inbound/outbound traffic with firewalls.
🔹 Segment critical servers from general networks.
🔹 Disable unused ports & protocols.4️⃣ Secure Remote Access
🔹 Use SSH with key-based auth (disable password logins).
🔹 Enforce VPNs for admin access.
🔹 Monitor and log remote sessions.5️⃣ Logging & Monitoring
🔹 Enable centralized logging (syslog/SIEM).
🔹 Monitor failed login attempts & unusual activity.
🔹 Configure alerts for critical events.6️⃣ Data Protection
🔹 Encrypt sensitive data at rest & in transit (TLS, disk encryption).
🔹 Regularly back up data to secure, offline storage.
🔹 Apply strict database access policies.7️⃣ Application & Patch Management
🔹 Keep middleware, frameworks, and apps patched.
🔹 Remove default credentials and sample configs.
🔹 Use secure coding practices.8️⃣ Malware & Intrusion Defense
🔹 Deploy antivirus/EDR for endpoints.
🔹 Enable IDS/IPS at the network edge.
🔹 Scan regularly for vulnerabilities.9️⃣ Physical & Cloud Security
🔹 Restrict physical access to server rooms.
🔹 Harden cloud instances with provider tools (security groups, IAM).
🔹 Regularly review cloud audit logs.🔟 Policy & Compliance
🔹 Apply CIS/NIST benchmarks.
🔹 Document access, configs, and changes.
🔹 Train admins in security best practices.#ServerSecurity #CyberSecurity #InfoSec #BlueTeam #SysAdmin #ITSecurity #SecurityChecklist #DefensiveSecurity
-
Joomla Web Services WITHOUT Super User. Least Privilege Principle. One of the fundamentals of Information Security.
https://apiadept.com/technical/joomla-web-services-without-super-user
#acl #cybersecurity #blueteam #defensivesecurity #leastprivilegeprinciple #defenseindepth #joomla #developer -
Joomla Web Services WITHOUT Super User. Least Privilege Principle. One of the fundamentals of Information Security.
https://apiadept.com/technical/joomla-web-services-without-super-user
#acl #cybersecurity #blueteam #defensivesecurity #leastprivilegeprinciple #defenseindepth #joomla #developer -
Joomla Web Services WITHOUT Super User. Least Privilege Principle. One of the fundamentals of Information Security.
https://apiadept.com/technical/joomla-web-services-without-super-user
#acl #cybersecurity #blueteam #defensivesecurity #leastprivilegeprinciple #defenseindepth #joomla #developer -
Joomla Web Services WITHOUT Super User. Least Privilege Principle. One of the fundamentals of Information Security.
https://apiadept.com/technical/joomla-web-services-without-super-user
#acl #cybersecurity #blueteam #defensivesecurity #leastprivilegeprinciple #defenseindepth #joomla #developer -
It took until the Second Edition, but now the audiobook version of The Defensive Security Handbook has been released!!
Share with your friends, your co-workers, your leadership, family that you kind of like, etc
#newrelease #secondedition #defensivesecurity #infosec #audiobook #cybersecurity
-
🔐 Cybersecurity Essentials: In this diagram, we help you understand the key cybersecurity approaches needed for resilience.
At RELIANOID, we support organizations by monitoring and securing all these layers in a dynamic threat landscape. 🛡️
#Cybersecurity #DefensiveSecurity #OffensiveSecurity #HybridApproach #Firewall #Antimalware #AccessControl #DataLossPrevention #PenetrationTesting #RedTeaming #DisasterRecovery #ThreatIntelligence #RELIANOID #DataProtection
-
The Locksmith Active Directory (AD) Certificate Services (CS) remediation tool has been updated: https://github.com/TrimarcJake/Locksmith
New features:
- Support for Restricted Admin Mode. If RAM is detected, Locksmith will ask to be re-run using the -Credential switch.
- If the AD Powershell module is not installed on Win 10/11, Locksmith will attempt to install it for you.
Note: previously only available on server-class OSes.
- New functions for checking user type and elevation status.
- Auto-generated snippets for ownership issues (a subset of ESC4/ESC5).
- Support for non-English Active Directory environments!Next planned updates:
- Add individual CA Hosts to $SafeUsers using SIDs.
- Perform additional environment checks before attempting to run.
- Rename modes to something that makes sense.#IAM #IdentitySecurity #CertificateServices #ActiveDirectory #ActiveDirectoryCertificateServices #ADCS #PKI #Locksmith #OpenSource #DefensiveSecurity #DefensiveSecurityTooling #Pizza