Supplier Due Diligence: An Introductory Guide

In today’s digital age, organisations are more interconnected than ever, relying heavily on suppliers and third-party vendors to provide essential services and products. While this interconnectedness is great for operational efficiency, it also introduces significant cybersecurity risks. Undertaking appropriate due diligence on suppliers helps mitigate these risks and protect the organisation’s data. In this comprehensive […]

MFA Fatigue: The Shift to Phishing-Resistant Authentication

MFA Fatigue The Shift to Phishing Resistant Authentication It’s long been widely known that in the real world passwords alone are not a great way to authenticate users.  Some people pick simple passwords that can easily be guessed. Others will re-use their company password for their login to a random quiz website run by a […]

No-Defender can deactivate windows defender

Last week a new tool was brought to my attention, No-Defender, a tool published on GitHub that can deactivate Windows Defender by exploiting the Windows Security Center (WSC) registration mechanism. The method is typically used by antivirus (AV) and endpoint detection and response (EDR) software to avoid conflicts with Windows Defender by becoming the primary security […]