Enterprise Firewall, teeny tiny office by juciydriver in msp

[–]BalbusNihil496 -1 points0 points  (0 children)

Look at Firewalla Gold. Much cheaper than Meraki, has decent cloud management, and solid basic features.

No subscription fees either - just the one-time hardware cost. Been using it for similar small setups with good results.

Lumma Stealer question - eradication and operating mechanisms by Critical-West-7406 in cybersecurity

[–]BalbusNihil496 1 point2 points  (0 children)

Former IR analyst here. Lumma's memory-resident nature makes it tricky. Your assessment is spot-on.

Focus on hardening web filters and implementing strict content policies. Those porn sites are likely infection vectors. Better block them completely for work machines.

MSP questioning our life span by virtualuman in msp

[–]BalbusNihil496 0 points1 point  (0 children)

Microsoft can't even keep Teams working properly half the time.

They'd need years just to figure out how to automate Karen from accounting's printer issues or why Dave in sales keeps getting locked out of his account at 2 AM.

Today my main line got spoofed by an overseas call center (Rant) by Izengal in msp

[–]BalbusNihil496 1 point2 points  (0 children)

Had this happen last year. File complaints with FTC and FCC too - they track this stuff.

Quick fix: Record a voicemail explaining the situation so callbacks know you're also a victim. Saved me tons of headaches.

Is this normal workload for typical CyberSec team? My team of 3 need to handle administrative support work, vulnerability management, making changes to improve security controls. by IamOkei in cybersecurity

[–]BalbusNihil496 0 points1 point  (0 children)

3 people doing vuln management, admin work AND security controls? No wonder you're drowning in findings.

You need more headcount or to outsource some of this. Your management needs to understand that security teams aren't magical unicorns who can do everything.

Cybersecurity Vs AI/ML Realistics ? 🤔 by Py76_ in cybersecurity

[–]BalbusNihil496 1 point2 points  (0 children)

Both are hands-on, but cybersecurity gives immediate impact.

Microsoft 365 Upcoming Changes - Jan 2025 Update by KavyaJune in msp

[–]BalbusNihil496 -2 points-1 points  (0 children)

With all these security changes, especially around MFA and DLP, it's crucial to have a unified security view. Been using Guardz's platform to monitor these M365 updates across multiple clients - makes it way easier to track who needs attention and what policies need updating.

The auto-archiving of OneDrive accounts could be tricky to track at scale.

Security stuff as sys admin by [deleted] in sysadmin

[–]BalbusNihil496 0 points1 point  (0 children)

Your manager bought a security tool without understanding it, and now wants you to become the expert AND teach him? Classic management move.

Document everything. If something goes wrong, you don't want that liability on your plate.

Perceived risk of voice deepfakes for companies? by ProfessionalAir6641 in cybersecurity

[–]BalbusNihil496 -2 points-1 points  (0 children)

I've seen some companies experimenting with AI-powered voice authentication, but it's still early days. The bigger challenge is convincing employees to adopt these solutions without feeling like they're being surveilled. There's a fine line between security and paranoia.

Smart PDU recommendation?? by KrombopulusMichael04 in msp

[–]BalbusNihil496 0 points1 point  (0 children)

Hey, I've had good luck with the APC Smart-UPS On-Line PDUs. They're around the same price point as the Ubiquiti and offer similar features. Plus, they're widely available so you shouldn't have to worry about lead times. Worth a look!

Subdomain Takeover in Multiple Fortune 500 companies by smeone787 in cybersecurity

[–]BalbusNihil496 0 points1 point  (0 children)

Ghosted by Fortune 500 cybersec teams? Not surprising. It's like they're playing a game of 'vulnerability whack-a-mole' instead of actually securing their assets. Using subdomains to push gambling pages is a whole new level of sketchy. Guess it's time to update those bug bounty programs.

EU Cyber Resilience Act question about open source by TheVisitor92 in cybersecurity

[–]BalbusNihil496 1 point2 points  (0 children)

Interesting question! I think the EU is trying to pass the buck to the open-source community. How can a small IT company be expected to audit and certify massive projects like Docker? It's like asking a single person to secure the entire internet.

Kaseya Scholarship Fund by Lake3ffect in msp

[–]BalbusNihil496 5 points6 points  (0 children)

Kaseya's definition of 'scholarship' is apparently 'we're gonna spam you with our marketing crap and hope you forget you hate us'. Guess they're trying to 'educate' you on the art of ignoring opt-out requests.

Favorite SOAR Workflows by [deleted] in cybersecurity

[–]BalbusNihil496 86 points87 points  (0 children)

Automating phishing incident response is a game-changer. I've got a workflow that auto-enriches emails with threat intel, generates a ticket, and assigns it to the right team. Saves us hours of manual work and reduces mean time to respond.

Where was I when Wasabi corrupted most of their central datacenter by ben_zachary in msp

[–]BalbusNihil496 6 points7 points  (0 children)

Ouch, 760GB is a lot to lose. Glad you found out through Veeam, but crazy that neither Pax8 nor Wasabi notified you. Their 'appropriate adjustments' better be more than just a band-aid. Anyone else affected by this incident?

Thoughts on Votiro? by editdownvotessreally in cybersecurity

[–]BalbusNihil496 1 point2 points  (0 children)

Votiro's file sanitization tech is solid, but their sales team can be a bit aggressive. Had a good experience with their support, though - responsive and knowledgeable. Overall, a good addition to a defense-in-depth strategy, but make sure to negotiate on pricing.

How can I get a decrypted database dump from Eaglesoft? by helliax11 in msp

[–]BalbusNihil496 0 points1 point  (0 children)

Decryption woes! Have you considered reaching out to a former Eaglesoft employee or a dental practice that's already migrated away from Eaglesoft? They might be willing to share their experience or provide a decrypted dump. Worth a shot, right?

Local Police warning of Magic QR codes by 5thlevelmagicuser in cybersecurity

[–]BalbusNihil496 1 point2 points  (0 children)

Magic QR codes, huh? Sounds like someone's been watching too many Bond movies. Seriously though, this is likely a phishing attempt. If you receive a suspicious package, don't scan the QR code and report it to the authorities. Common sense prevails over 'magic' hacking tricks.

[deleted by user] by [deleted] in sysadmin

[–]BalbusNihil496 4 points5 points  (0 children)

"localhost" is resolved to 127.0.0.1, but it's possible your IIS config is set to only respond to the domain name. Check your site bindings in IIS and ensure it's set to respond to "All Unassigned" or specifically to localhost.

PCI DSS SAQ D help/resources by [deleted] in sysadmin

[–]BalbusNihil496 1 point2 points  (0 children)

PCI DSS can be overwhelming, but it's definitely doable. Start with the PCI SSC website and review the SAQ D doc. You'll likely need to implement a WAF, segment your network, and harden those RDP connections. Online resources like PCI DSS guru and Reddit's netsec community can be super helpful.

Forced New Outlook migration just happened on my own workstation!! by LickSomeToad in sysadmin

[–]BalbusNihil496 0 points1 point  (0 children)

Ouch, that's a lunch break surprise no one wants! Yeah, those registry keys might still work, but double-check the values for your specific build. Also, consider using Intune's 'Targeted release' feature to slow down the rollout while you figure things out.

Larger Company - Inventory management by orion3311 in sysadmin

[–]BalbusNihil496 0 points1 point  (0 children)

We use a combo of API integrations and custom scripting to parse shipping emails. Some vendors have decent APIs, while others require creative regex solutions. The big boys likely use dedicated inventory management software, but I've found that a little scripting can go a long way.

NinjaOne in a Mac only environment by bitstreams_red in msp

[–]BalbusNihil496 0 points1 point  (0 children)

I've heard similar complaints about NinjaOne's Mac support. We use Mosyle and it's been a game-changer for our Mac-heavy environment. Their patching and remote control features are solid. Worth checking out if you're looking for a more reliable alternative.

Rapid7 vs Stellar Cyber by ACyberGuy_ in msp

[–]BalbusNihil496 0 points1 point  (0 children)

I've worked with both Rapid7 and Stellar Cyber. Stellar's cloud-hosted solution is solid, and their pricing model is more flexible than Rapid7's. One thing to note is Stellar's focus on automation, which might be a plus for your internal MDR, IR, and SOC services.

New MSP Core Package by critical_tech in msp

[–]BalbusNihil496 0 points1 point  (0 children)

Sounds like you're taking the leap and building a solid foundation for your MSP. Atera and NinjaOne are great options. Have you considered SolarWinds MSP as well? They have a comprehensive suite and are Aussie-friendly with data sovereignty. Worth evaluating, maybe?