GCS Technologies, Inc.’s Post

[GRC Incident Review] Darknet Diaries Ep. 36: 'Jeremy from Marketing' Review One Hello everyone! So, this is my first review in a series on GRC incident failures. In this scenario, Tinker's pen test showed that the Blue Team ultimately won, but critical vulnerabilities were exposed. So, for this review, my focus was on those gaps found, successes, and necessary fixes. Key Gaps Exposed: - PE-3 Physical Access: There was an unlocked IT shack door and zero surveillance. - AT-2, AT-3 Awareness: An employee from the Accounting department had failed a Vishing attack and read the MFA code. -IA-5 Authenticator Management: There were weak administrator passwords (with the company name and year). -SC-28 Configuration: Two corporate laptops found in the IT shack were found to be unencrypted, so there was an FDE failure. Blue Team Strengths: Strong RBAC, per-app MFA, and application monitoring detected the PowerShell use. Policy Recommendations: Enforce monthly Vishing drills, install 24/7 surveillance on all restricted areas, and ensure that all laptops, devices, and storage media devices are 100% compliant. This is all from my side. What are your thoughts on this review? What suggestions would you give for this that should have been prioritized? For a more detailed review, I added the full document that I wrote to this post. I was planning on sharing that, but it went over the character limit, and I realized it was a bit too wordy. If you want to read my full policy recommendations document, here is the link to my GitHub:https://lnkd.in/e8-YYxWn #Cybersecurity #GRC #Infosec #PenTesting #DarknetDiaries

Outdated software creates a highway for cybercriminals straight into your business. With attackers exploiting 75% of new vulnerabilities within just 19 days, while businesses take over 100 days to patch, you’re fighting a losing battle without proper patch management. https://ow.ly/8k5x50XjOkN

Important Update & Call to Action: F5 Security Incident Today, I’d like to highlight a critical security incident and its implications for organisations everywhere — no matter your size or industry. In October 2025, F5 disclosed that a sophisticated threat actor gained persistent access to its internal environment and exfiltrated files — including portions of source code and engineering documentation for its BIG-IP, F5OS and other core product The advisory (K000156572) outlines multiple newly-released patches and underscores the urgency of remediation. 📍 Why this matters The stolen assets include internal engineering artefacts and details of un-patched vulnerabilities — meaning adversaries may now have a knowledge advantage. Products such as BIG-IP are widely used across enterprise environments and at the network edge. A compromise of these could facilitate credential theft, lateral movement, or further footholds. The incident emphasises that vendor / supply-chain risk is real — your trusted infrastructure tools are not immune. According to multiple national cyber-agencies, the risk level is elevated and immediate action is required. 🛠 What organisations should do now Inventory your F5 assets – Identify any devices or services running BIG-IP, F5OS, BIG-IQ, BIG-IP Next, etc. Apply patches immediately – Use the versions and hotfixes listed in K000156572. Older or end-of-support systems represent higher risk. Restrict exposure – Ensure no management interfaces are internet-facing; isolate these critical systems. Kudelski Security Rotate keys & credentials – Especially for any device that may have been exposed or reachable externally. Enhance monitoring and hunt for anomalies – Tailored for these devices; focus on access logs, unusual traffic, and unexpected configuration changes. Communicate vendor-risk to leadership – This isn’t just an “IT issue” — it’s a strategic risk when a vendor with access to foundational infrastructure is compromised. Reference KB -https://lnkd.in/dXcwV_Mp https://lnkd.in/dcVe3rG5

💸 Overlooking patch management isn’t just a technical oversight, it’s a financial and reputational risk. In our latest blog, we highlight real-world examples to show just how costly unpatched vulnerabilities can be. From massive breaches caused by unpatched vulnerabilities to lawsuits, loss of trust, and regulatory fines, the cost of doing nothing usually far outweighs the effort and investment in staying current. https://lnkd.in/ee4cD8fv #CyberSecurity #PatchManagement #Stratusip #LessonsLearned #DataBreachPrevention #Cirrus

Oracle has confirmed that a new extortion campaign targeting its E-Business Suite customers is linked to vulnerabilities addressed in the company’s July 2025 Critical Patch Update. The campaign, which may be connected to the notorious Clop ransomware group, began in late September and highlights how threat actors continue to exploit unpatched systems long after fixes are released — underscoring the vital importance of timely patch management.

Oracle has confirmed that a new extortion campaign targeting its E-Business Suite customers is linked to vulnerabilities addressed in the company’s July 2025 Critical Patch Update. The campaign, which may be connected to the notorious Clop ransomware group, began in late September and highlights how threat actors continue to exploit unpatched systems long after fixes are released — underscoring the vital importance of timely patch management.

Oracle has confirmed that a new extortion campaign targeting its E-Business Suite customers is linked to vulnerabilities addressed in the company’s July 2025 Critical Patch Update. The campaign, which may be connected to the notorious Clop ransomware group, began in late September and highlights how threat actors continue to exploit unpatched systems long after fixes are released — underscoring the vital importance of timely patch management.

Oracle has confirmed that a new extortion campaign targeting its E-Business Suite customers is linked to vulnerabilities addressed in the company’s July 2025 Critical Patch Update. The campaign, which may be connected to the notorious Clop ransomware group, began in late September and highlights how threat actors continue to exploit unpatched systems long after fixes are released — underscoring the vital importance of timely patch management.

Oracle has confirmed that a new extortion campaign targeting its E-Business Suite customers is linked to vulnerabilities addressed in the company’s July 2025 Critical Patch Update. The campaign, which may be connected to the notorious Clop ransomware group, began in late September and highlights how threat actors continue to exploit unpatched systems long after fixes are released — underscoring the vital importance of timely patch management.

Oracle has confirmed that a new extortion campaign targeting its E-Business Suite customers is linked to vulnerabilities addressed in the company’s July 2025 Critical Patch Update. The campaign, which may be connected to the notorious Clop ransomware group, began in late September and highlights how threat actors continue to exploit unpatched systems long after fixes are released — underscoring the vital importance of timely patch management.