Gardner Systems is a data management and security company based in Liverpool. We are partners to Microsoft, IBM, NetApp and a wide range of data management and cyber security partners.
Wow, this video is packed with essential information on patch management! Paul and Jason did an incredible job breaking down the importance of a systematic approach to updating all software and firmware, not just the obvious ones. I really appreciated the emphasis on covering even the less critical updates and how neglecting these can compound into major vulnerabilities. The advice on using tools like WSUS and third-party patch management solutions to streamline the process was spot on and very practical. Also, the suggestion to test patches on a smaller group before broader deployment makes so much sense to prevent any widespread issues. This video is definitely a must-watch for anyone looking to bolster their cybersecurity measures! Great work, guys! 🌟🔒💻
@GardnerSystems21 күн бұрын
Thank you for your comment! We really appreciate the kind words and are happy that you enjoyed the episodes. Is there anything you'd like us to cover going forward?
@bookofyemi21 күн бұрын
@@GardnerSystems Absolutely! Just to name a few things... I'd love to see more content on advanced threat detection and response strategies, particularly on how to effectively integrate them into existing security frameworks. It would also be helpful to explore best practices for incident response planning and execution, especially for organizations with limited resources. Additionally, diving into the latest developments in AI and machine learning for cybersecurity would be fascinating. Keep up the great work!
@luzwaracocapoma240726 күн бұрын
Do you have the sequence diagram?
@CossawАй бұрын
Also office has this feature called "more apps" i believe its called. You'll see it with the rest of the office apps in top left corner of outlook for example. Ive seen slack, firewalls, and other random apps being linked there. Potential misuse of those could be interesting to cover as well. If a sysadmin gets phished and if they can manage firewall from office.. scary stuff could happen potentially. Just a thought! Havent heard it covered before so would be interesting to hear from you guys 😉
@CossawАй бұрын
Hey, I recently learnt about phishing that bypasses 2fa with tools like evilginx2. Now, if someone phishes a user with a fake office page and steals their token to bypass 2fa, what badness could happen from there? I heard you could get look for creds in teams, onedrive, emails, sharepoint etc. Could even just log into their cloud environment if they use Azure! This worries me especially if someone with higher cloud privileges would get phished.. Could you guys potentially have a discussion surrounding this topic? 2fa phishing and specifically what damage could be done to our companies if a bad actor gets access to one of our office emails? Love the podcast you guys! 😄
@GardnerSystemsАй бұрын
Thanks for your comment! We're really glad you love the podcast and are really appreciative of the feedback/ideas around topics. in our episode where we talk about the anatomy of cyber attacks, this is the exact scenario - check this out here - kzread.info/dash/bejne/fqGMzcaAcs-olKg.html I've noted this down as a topic for us to cover on our next set of recordings so keep an eye out in the coming weeks! Thanks for listening.
@CossawАй бұрын
@@GardnerSystems And gladly touch on the "more apps" feature in the top left section of office too! In my company I can see some firewalls connected, slack, other random apps etc, some of which my user-rights can access and some which I can't(thankfully). Finding company insights from slack messages and potentially creds in DMs etc is bad enough but... ..it begs the question: if someone like a sysadmin gets phished... could an attacker make changes to the firewall or vpn from this access alone, and potentially configure it so they can pivot into the internal network of that company? That would be a nightmare. It's something I've never heard people talk about, even though it sounds like such a dangerous and worthwhile topic. So I think this would be an excellent addition to the topic as well, or even it's own episode perhaps! 😄
@CossawАй бұрын
Also office has this feature called "more apps" i believe its called. You'll see with the rest of the office apps in top left corner of outlook for example. Ive seen slack, firewalls, and other random apps being linked there. Potential misuse of those could be interesting to cover as well. If a sysadmin gets phished and if they can manage firewall from office.. the scary stuff could happen potentially. Just a thought! Havent heard it covered before so would be interesting to hear from you guys 😉
@Cossaw2 ай бұрын
Can't wait for episode 45 and 400! 😉♥🚁
@GardnerSystems2 ай бұрын
Thank you for your support! Is there anything you'd like us to cover?
@Cossaw2 ай бұрын
@@GardnerSystems Perhaps misuse of malicous browser extensions could be interesting. Or perhaps different c2 channels and how to protect ourselves from it. I recently learned that c2 traffic can be tunneled over just ICMP or just DNS for instance, so it would be interesting to hear a discussion around this topic! :)
@GardnerSystems2 ай бұрын
@@Cossaw That's great, thank you for that. We've done a few on DNS. We have our episode titled 'decoding the domain' which you can find here - kzread.info/dash/bejne/h6JklJiCm8ueeLQ.html In our latest set of recordings, we also brought in a guest to touch on DNS further so keep an eye out for those coming soon!
@elbertinakolaga74653 ай бұрын
Promo`SM 🤩
@pow19834 ай бұрын
Only on premises is starting to boom again
@stevelambert56464 ай бұрын
Great session guys and very informative.
@GardnerSystems4 ай бұрын
Great to hear you liked the episode, Steve!
@JmMateo9336 ай бұрын
Hmm
@user-wi1wd5mm4e8 ай бұрын
Beyond the firewall, what a title! Another great episode, guys
@user-wi1wd5mm4e9 ай бұрын
What a great episode! WFH is such a huge topic in this day and age!
@LzPee10 ай бұрын
The capabilities surrounding ChatGPT are incredible.
@sheffieldyerbich382510 ай бұрын
Promo'SM
@GardnerSystems10 ай бұрын
Thanks for your comment! We hope you are enjoying the Tech Takeaways podcast. If there are any subjects you'd like us to cover then please do let us know
@LzPee10 ай бұрын
Another great episode! Very insightful indeed
@GardnerSystems10 ай бұрын
Thanks LzPee! Is data loss prevention something you have every considered on something you have acted on?
@paulbamber8762 Жыл бұрын
Looks good guys, looking forward to watching the podcasts!
Пікірлер
Wow, this video is packed with essential information on patch management! Paul and Jason did an incredible job breaking down the importance of a systematic approach to updating all software and firmware, not just the obvious ones. I really appreciated the emphasis on covering even the less critical updates and how neglecting these can compound into major vulnerabilities. The advice on using tools like WSUS and third-party patch management solutions to streamline the process was spot on and very practical. Also, the suggestion to test patches on a smaller group before broader deployment makes so much sense to prevent any widespread issues. This video is definitely a must-watch for anyone looking to bolster their cybersecurity measures! Great work, guys! 🌟🔒💻
Thank you for your comment! We really appreciate the kind words and are happy that you enjoyed the episodes. Is there anything you'd like us to cover going forward?
@@GardnerSystems Absolutely! Just to name a few things... I'd love to see more content on advanced threat detection and response strategies, particularly on how to effectively integrate them into existing security frameworks. It would also be helpful to explore best practices for incident response planning and execution, especially for organizations with limited resources. Additionally, diving into the latest developments in AI and machine learning for cybersecurity would be fascinating. Keep up the great work!
Do you have the sequence diagram?
Also office has this feature called "more apps" i believe its called. You'll see it with the rest of the office apps in top left corner of outlook for example. Ive seen slack, firewalls, and other random apps being linked there. Potential misuse of those could be interesting to cover as well. If a sysadmin gets phished and if they can manage firewall from office.. scary stuff could happen potentially. Just a thought! Havent heard it covered before so would be interesting to hear from you guys 😉
Hey, I recently learnt about phishing that bypasses 2fa with tools like evilginx2. Now, if someone phishes a user with a fake office page and steals their token to bypass 2fa, what badness could happen from there? I heard you could get look for creds in teams, onedrive, emails, sharepoint etc. Could even just log into their cloud environment if they use Azure! This worries me especially if someone with higher cloud privileges would get phished.. Could you guys potentially have a discussion surrounding this topic? 2fa phishing and specifically what damage could be done to our companies if a bad actor gets access to one of our office emails? Love the podcast you guys! 😄
Thanks for your comment! We're really glad you love the podcast and are really appreciative of the feedback/ideas around topics. in our episode where we talk about the anatomy of cyber attacks, this is the exact scenario - check this out here - kzread.info/dash/bejne/fqGMzcaAcs-olKg.html I've noted this down as a topic for us to cover on our next set of recordings so keep an eye out in the coming weeks! Thanks for listening.
@@GardnerSystems And gladly touch on the "more apps" feature in the top left section of office too! In my company I can see some firewalls connected, slack, other random apps etc, some of which my user-rights can access and some which I can't(thankfully). Finding company insights from slack messages and potentially creds in DMs etc is bad enough but... ..it begs the question: if someone like a sysadmin gets phished... could an attacker make changes to the firewall or vpn from this access alone, and potentially configure it so they can pivot into the internal network of that company? That would be a nightmare. It's something I've never heard people talk about, even though it sounds like such a dangerous and worthwhile topic. So I think this would be an excellent addition to the topic as well, or even it's own episode perhaps! 😄
Also office has this feature called "more apps" i believe its called. You'll see with the rest of the office apps in top left corner of outlook for example. Ive seen slack, firewalls, and other random apps being linked there. Potential misuse of those could be interesting to cover as well. If a sysadmin gets phished and if they can manage firewall from office.. the scary stuff could happen potentially. Just a thought! Havent heard it covered before so would be interesting to hear from you guys 😉
Can't wait for episode 45 and 400! 😉♥🚁
Thank you for your support! Is there anything you'd like us to cover?
@@GardnerSystems Perhaps misuse of malicous browser extensions could be interesting. Or perhaps different c2 channels and how to protect ourselves from it. I recently learned that c2 traffic can be tunneled over just ICMP or just DNS for instance, so it would be interesting to hear a discussion around this topic! :)
@@Cossaw That's great, thank you for that. We've done a few on DNS. We have our episode titled 'decoding the domain' which you can find here - kzread.info/dash/bejne/h6JklJiCm8ueeLQ.html In our latest set of recordings, we also brought in a guest to touch on DNS further so keep an eye out for those coming soon!
Promo`SM 🤩
Only on premises is starting to boom again
Great session guys and very informative.
Great to hear you liked the episode, Steve!
Hmm
Beyond the firewall, what a title! Another great episode, guys
What a great episode! WFH is such a huge topic in this day and age!
The capabilities surrounding ChatGPT are incredible.
Promo'SM
Thanks for your comment! We hope you are enjoying the Tech Takeaways podcast. If there are any subjects you'd like us to cover then please do let us know
Another great episode! Very insightful indeed
Thanks LzPee! Is data loss prevention something you have every considered on something you have acted on?
Looks good guys, looking forward to watching the podcasts!
Thanks Paul
Very insightful and well produced. Thanks