CONTACT US

Cybersecurity resources

Protect your law firm's critical assets with our comprehensive cyber security resource centre.

We provide valuable insights and tools to keep your business protected.

 

 

Featured Services
Latest How-To Articles
Newsletter

Featured Cyber Security Services

Managed CyberSecurity Services

Digital Forensics and Incident Response

The key to mitigating the impact of any cybersecurity incident is the reaction time between detection and response.

Many organisations lack the resources needed to react in a quick and secure manner.  We provide your organisation with the resilience and expertise you need in a crisis to contain and identify the threat so you can become business operational again with minimum disruption and damage.

LEARN MORE
John Reeman - Virtual CISO

Virtual CISO Services

Are you finding it challenging to recruit a full time cyber security expert?  

It's hard to find and keep good security professionals and many growing businesses can't justify the expense of hiring a full time CISO.

Cyooda Security can provide an on demand cyber security expert on a medium to long term, part time basis, at a fraction of the cost of employing a full time CISO.

LEARN MORE

Cyber Security How To's

How to build strong cybersecurity foundations

How to build a successful cybersecurity program

By John Reeman | June 5, 2024
In this video I will be taking you through a cybersecurity framework that I have developed and perfected over the last 25 years to help organisations build strong cybersecurity programs, reduce risk and remain safe.   Ready to find out more? Book in a Call
Read More
Data Security and AI

Data Security and Privacy: Time to act is now!

By John Reeman | May 15, 2024
With the latest Data Privacy law reforms on the horizon and having just finished off Privacy Awareness Week, #PAW2024, in Australia this article is aimed at all organisations that hold sensitive data. Data breaches are nasty, and they impact everyone involved. Australia has seen some of the largest data breaches over the last 18 months.…
Read More
To be or not to be a ciso

To be or not to be a CISO

By John Reeman | April 10, 2024
Do you aspire to be a CISO? As a former CISO, I felt compelled to write this article after seeing many articles about the role of a CISO and opinions on how hard it is becoming. I’m uncertain whether many people today would actually aspire to be a CISO given the pressures, the demands of…
Read More
Hidden Code

How To: Email Phishing, malicious payload analysis walkthrough

By John Reeman | March 20, 2024
The other day I received a malicious phishing email with what appeared to be an invoice but in fact was a javascript embedded in an HTML document. So let’s get into it. Initial Inspection When I initially opened the document in my visual code editor it appeared as follows: The second line declares a variable…
Read More
CyberChef

CyberChef : how to decode your data the easy way

By John Reeman | March 7, 2024
Intro If you haven’t heard of CyberChef you may be thinking that it is a new robot being created to compete on the next series of “My Kitchen Rules” or go head to head with Gordon Ramsay on “Kitchen Nightmares”! Actually CyberChef or at least the one I’m referring to is actually a really cool…
Read More
Cybersecurity Metrics

How to measure the success of your cybersecurity program

By John Reeman | February 14, 2024
Being asked to present to the board and other key stakeholders in your business about the state of your cybersecurity program can be a daunting prospect. Putting aside the technical jargon can also be challenging for even the most seasoned security professional.
Read More
Cyooda Security share their knowledge on how to build ransomware resilience

Ransomware Resilience: How to prepare and respond in a crisis

By John Reeman | February 7, 2024
Are you prepared for a ransomware attack? What should you do if you become a victim? This guide provides some practical advice you need to know & do to survive.
Read More
How to detect EDR and SIEM evasion techniques

Time altering techniques to evade your security controls

By John Reeman | January 31, 2024
In this article I’ll be talking about ‘Time Travel’ and sadly it’s not an episode of ‘Dr Who’ or ‘Back to the Future’ and not really ‘Time Travel’ but I needed a catchy title! So what I am referring to is how hackers often change the system time of a particular system they are exploiting…
Read More
Cyber Security Automation

Endpoint Security Part 5: How to setup an automated isolation workflow when malware is detected

By John Reeman | January 24, 2024
In this continuing series on endpoint security protections I’ll be showing you how to fully automate host isolation using ‘Tines’ and ‘Elastic’. This article assumes you are familiar with using Elastic SIEM and have some exposure to Tines.  Tines is a smart automation workflow solution that I came across last year.   What I like about…
Read More
Cyooda Incident Response

Endpoint Security Part 4: How to create a playbook to isolate a machine and alert your SOC team

By John Reeman | January 17, 2024
Overview In this fourth article of a 5 part series on ‘Endpoint Security’ I’m going to be showing you how to create a rule in your Elastic SIEM to generate an alert and isolate a host if the presence of malware is detected. Step One – Create the detection rule In your Kibana console select:…
Read More
Endpoint Security Part 3: Threat Intelligence

Endpoint Security Part 3: How to correlate threat intelligence

By John Reeman | December 20, 2023
Overview In this third article of a 5 part series on ‘Endpoint Security’ I’m going to be showing you how you can incorporate ‘Threat Intelligence’ into your security operations strategy. There has been a lot written about threat intelligence over the last decade and it has different meanings to people depending on what industry you…
Read More
Data enrichment with Elastic

Endpoint Security Part 2: Enriching your security event data

By John Reeman | December 14, 2023
In this second part series on ‘Endpoint Security’ I’m going to delve into how you can enrich your security event data to provide further context to assist your security analysts when investigating incidents. In this example we will lead off where we ended from ‘Endpoint Security Part 1’  and so if you were following the…
Read More
Endpoint Security Part 1: collecting essential security events from windows

Endpoint Security Part1: Collecting the essential security events for your windows systems

By John Reeman | December 5, 2023
Read More
Conditional Access Policies

Why you need Azure Conditional Access Policies

By John Reeman | June 29, 2023
Overview Having undertaken a number of Red Team assessments over the last 5 years, one of the common things that is uncovered during these assessments is the lack of robust Microsoft Azure AD conditional access policies. Microsoft Azure AD Conditional access is a premium feature and disabled by default. To enable it you need a…
Read More

Keeping your service provider honest!

By John Reeman | March 22, 2023
We all expect our service providers to do the right thing, abide by contractural terms, provide support when they are meant to and be available when in need.   However, sometimes that doesn’t always happen and so how do you keep your provider on the hook if things do go awry?   In this example…
Read More

Export your passwords from LastPass

By John Reeman | March 13, 2023
Unless you have been living under a rock for the last few months you will know that LastPass has suffered a major breach.  If like me you feel you can no longer trust LastPass to safeguard your crown jewels then this article explains how to: Export your passwords from LastPass Delete and permanently erase all…
Read More

Newsletter Archive

Are you prepared for a cyber attack?

Find out how Cyooda Security can help improve your firm's security culture, recognise threats, strengthen defences and improve your overall cyber resilience.

Contact us

Our Services

Virtual CISO Retainer Service

Security Program Improvement

Data Security and Privacy

Governance Risk and Compliance

Digital Forensics

Incident Response

Cyber Crisis Management

Incident Response Retainer

Penetration Testing

Vulnerability Management

Security Awareness Training

Recent Posts

The Hidden Deal Breaker: Why Cybersecurity is Critical for M&A Success

Metricon homes: Australia’s Largest Home Builder Falls Victim to Qilin Ransomware Attack

Token Protection in Microsoft Entra ID: A Game-Changer for Business Email Compromise Defence

Welcome to the “Cybersecurity Loop” – Edition #12

Qilin Ransomware: The Criminal Enterprise Redefining Cyber Extortion

Lvl 17, Angel Place,

123 Pitt Street,

Sydney

NSW 2000

 (02) 7230 1350