VMware Carbon Black Cloud – Next Generation Security

VMware Carbon Black Cloud

This interesting company, Carbon Black, a VMware acquisition on Oct 08, 2019, then led me to watch the live demos / presentation at VMworld 2019. This product is possibly a game changer (opinions are my own) in the security space of VMware.

With my background in VMware vSphere, Qualys, McAfee, Trend Micro, Symantec and Ethical Hacking, this product jumps out to me. I started looking in more detail at what this new integration could do.

Image from “VMWCB-VMware-Carbon-Black-Cloud-1.pdf”

Could these features, now built in to / available as a plugin for vCenter, replace many other security products?

Components

  • Next-Generation Antivirus and EDR
  • Managed Alert Monitoring
  • Real-time device assessment
  • Inbuilt and Proactive Threat intelligence

Benefits

  • One Console – Provides One Platform for your Security
  • One Agent – Reduce the endpoint security agents required
  • Reduce CPU usage

For more information or a demo, visit the Carbon Black site.

Account Hack / Phishing Email Alert / #IR35

Be careful: if an email account has been compromised, you might receive a genuine-looking email which will pass through your spam filter. As an example, I have just received an email from “FirstName.LastName@”Domain Name Removed”.co.uk”. This was confirmed with a quick phone call to the company, where I was informed the account had been hacked and I should delete the spam email. This post is just to raise awareness. The company’s name is covered intentionally, as is their website.

Some basic warning signs were there:

  • No branding
  • No reference or invoice number
  • Somewhere to click.

Some more interesting features are:

  • The link – Simply hover over the PDF link to reveal that well known domain “1drv.ms”. A OneDrive shared link, in theory a trusted source, but why not just attach a PDF if the mail is genuine?

  • The email domain was linked to a genuine company @”Domain Name Removed”.co.uk – this genuine victim being used as a cover.

    The target was obviously selected based on a hot topic in the media they deal with.

  • And the different no_reply@accountpayable.com domain you can purchase was a nice discovery.

Office 365 – Security (Part 1)

Have you set up MS Office 365? Did you start with security in mind?

Have you reviewed your security and privacy settings? Nothing is configured out of the box. When implementing Office 365, start treating the platform as if you were securing your on-prem infrastructure.

Start with the basics:

  • Password Policies
  • Privacy Statements

Can you add additional security to users?

Have you enabled and enrolled users to use MFA? Is MFA enforced?

Has access been restricted?

https://docs.microsoft.com/en-us/sharepoint/control-access-based-on-network-location

Mobile Device Management: are you applying any controls to apps accessing OneDrive?

Has logging been enabled for the Office 365 Security and Compliance reports and stats?

Phishing TEXT Scam

Phishing TEXT Scams

Watch out for the latest Phishing TEXT Scams. This week they are getting a bit lazy and less convincing. This #Fake #Halifax text has just been received. SUSPICIOUS activity!! On an account I don’t have with Halifax, or in this case an account with “hlxdata.online”.

> Sent from “+44 7597009141” #Dangerous Rating #O2

> Either not even masking the number or it’s masked with this bogus number

> HLXdata.online a very catchy web address

+ Check numbers out for SCAM details, start by searching for the number on Google

+ Don’t visit sites marked “HLXdata.online” for your large corporate bank

+ Don’t phone the number on the message. Call the number on the back of your bank card

+ Question everything.

#CyberSecurity #raisingawareness #phishingattack #phishingtext #phishing #Scam #txt #text #Alert

Phishing Email – TV Licensing – Don’t be a victim

Watch out for the latest Phishing Email Scams. They are getting ever more convincing. This TV Licensing email just came through.

Sent from “Trusted Sender”

No spelling or grammar issues

Always, catching your eye.

EEEeee I’ve not paid a bill.

Sign up now.

ALWAYS ALWAYS hover over the links to view the correct URL address.

Nobody takes payments via clear text “HTTP”

TV license don’t use “soul-rebel.de”. A German .de site collecting my TV license these days. Oh reall

DON’T use phone numbers in Phishing emails for verification of a legit email.

Question everything.
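
The hover checks from these posts (clear-text HTTP, a link host that is not the sender's organisation, a OneDrive shared link in place of an attachment, visible text that names a different site) can be run automatically over an HTML mail body. This is an added example, not the author's code; `review_links`, `SHARE_HOSTS`, the sample body and the `tvlicensing.co.uk` expected domain are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

SHARE_HOSTS = {"1drv.ms"}  # OneDrive short-link host named in the post

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in a mail body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_matches(host, domain):
    return host == domain or host.endswith("." + domain)  # domain or subdomain

def review_links(html_body, expected_domain):
    """Return [(href, [findings])] for each link; expected_domain is caller-supplied."""
    parser = LinkCollector()
    parser.feed(html_body)
    report = []
    for href, text in parser.links:
        url = urlsplit(href)
        host, shown, findings = (url.hostname or "").lower(), text.lower(), []
        if url.scheme != "https":
            findings.append("not-https")
        if not host_matches(host, expected_domain):
            findings.append("host-not-sender-org")
        if host in SHARE_HOSTS:
            findings.append("file-share-link")
        # Visible text written as a web address that differs from the real target
        if shown.startswith(("http://", "https://", "www.")):
            named = urlsplit(shown if "://" in shown else "//" + shown).hostname or ""
            if not host_matches(host, named.removeprefix("www.")):
                findings.append("text-href-mismatch")
        report.append((href, findings))
    return report

# Constructed sample: hosts are those named on this page; paths and text are made up.
SAMPLE = ('<p>Payment failed. <a href="http://soul-rebel.de/constructed">'
          'www.tvlicensing.co.uk</a></p><a href="https://1drv.ms/constructed">Invoice.pdf</a>')
```

Calling `review_links(SAMPLE, "tvlicensing.co.uk")` returns one entry per link with its list of findings; an empty list means none of these checks fired, not that the mail is safe.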
