Inleiding De NIS2-richtlijn, die binnenkort van kracht wordt, markeert een significante stap in de versterking van de Europese cyberbeveiliging. Deze richtlijn breidt de bestaande NIS1-richtlijn uit en introduceert strengere veiligheidsvereisten voor een bredere reeks sectoren, waaronder ook overheidsinstellingen. In dit artikel analyseren we de belangrijkste veranderingen en implicaties van NIS2. Read more
I just started working with Dall-e, Midjourney, ChatGPT and stable diffusion. To promote the work an instagram account is useful. From the moment the first work was online the first scammers and scams started hitting the inbox. I will show the scams profided and keep a hall off shame all Read more
Security benchmarks help organizations strengthen their security posture and meet various cloud security compliance requirements. The Microsoft cloud security benchmark announced at Ignite 2022 provides clear and concrete guidance to securely configure cloud resources. Today, we are excited to announce a new Azure compute benchmark for Azure virtual machines. Read more
Kabinet presenteert de Nederlandse cybersecuritystrategie (NLCS) 2022-2028 10 okt 2022 Namens het kabinet presenteert minister Yeşilgöz-Zegerius (Justitie en Veiligheid), samen met minister Adriaansens (Economische Zaken en Klimaat) en staatssecretaris Van Huffelen (Koninkrijksrelaties en Digitalisering), vandaag de nieuwe Nederlandse cybersecuritystrategie 2022-2028. Bij de strategie hoort ook een actieplan met concrete acties Read more
October 1, 2022 update – Added information about Exploit:Script/ExchgProxyRequest.A, Microsoft Defender AV’s robust detection for exploit behavior related to this threat. We also removed a section on MFA as a mitigation, which was included in a prior version of this blog as standard guidance. Microsoft is aware of limited targeted Read more
Microsoft is investigating two reported zero-day vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019. The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while the second, identified as CVE-2022-41082, allows remote code execution (RCE) when PowerShell is accessible to the attacker. At this time, Microsoft Read more
In Microsoft’s Detection and Response Team, we often find ourselves using the rich data available in Office 365 to help us with our investigations. During this process there are a couple of questions we consistently stumble across: Where can I go to find ‘x’ data? (Location) How far back does Read more
When you think about Cloud Security there are many areas of responsibility – securing infrastructure, network, data, applications, and managing identities and access. There are also ongoing processes for security operations and governance, risk & compliance management. But the best part of building your application on cloud is that you Read more
Minimum Viable Secure Product is a minimalistic security checklist for B2B software and business process outsourcing suppliers. — Lees op mvsp.dev/mvsp.en/index.html
Minimum Viable Secure Product – A minimum security baseline for enterprise-ready products and services. — Lees op mvsp.dev/