GoPhish at scale

In my previous life as a billable cybersec consultant / technical lead, I was looking for a way to deliver phishing tests across our customers in a consistent and repeatable manner. Many options existed such as those supplied by KnowBe4, Defender for M365, Trend - but we couldn’t warrant the cost burden of those solutions until we’d proven the value of the service. I set about finding a way to do this “on the cheap”....

April 30, 2021 · 7 min · Nathan Manzi

AD Group scoping in Jamf for macOS

Scoping Jamf policies for AD groups is a breeze when your users are logging in with AD credentials. But what if you’re O365/AAD only? The Jamf agent won’t recognize an AAD logon unless you’re using Jamf Connect. Sure, it’s unusual to have one without the other, but I have a solution here if you’re running lean. In a rush? Find the script here. Create a new standard user in Jamf for the script to access the API, granting it Auditor privileges....

February 3, 2020 · 3 min · Nathan Manzi

OneDrive Folder Redirection (KFM) for macOS

So you’re running a macOS shop, and using Office 365 for identity, email, and data storage. You want to decrease risk of data loss, manage the security of corporate data, and provide staff the ability to share files in a controlled manner. You also want to make it super easy for staff to adopt. OSS to the rescue! Microsoft OneDrive has a super great feature (for Windows) called Known Folder Move....

February 3, 2020 · 2 min · Nathan Manzi

Installing a .nupkg on an offline machine

The ability to find and install PowerShell modules from online sources like Nuget makes life for a Windows admin a smidge nicer. On the flipside, arbitrary trust of online package repositories and granting servers outbound internet access can be a nightmare for those tasked with protecting a network. You might find yourself needing to install a PowerShell module (as a nupkg file) on a system with restricted (or no) internet access, as one of our security consultants found himself needing to do....

January 22, 2020 · 2 min · Nathan Manzi

#CyberCon 2019 in review

Our lead infosec analyst Pierre and I recently had the opportunity to attend CyberCon 2019 in Melbourne. The event is organised by AISA in collaboration with the Australian Cyber Security Centre (ACSC). This event brings in 140+ infosec speakers and individuals from over 24 countries. With so many interesting sessions in technical, governance, and commercial ‘tracks’ it was difficult to select just one for any given hour-long block of time! Many of the sessions were so packed, people were standing in the lobby watching a feed of the session delivered to screens outside the conference rooms....

October 10, 2019 · 5 min · Nathan Manzi