Welcome back to IT Pro Tuesday!

In the latest Security Swarm Podcast: “The XZ Utils Backdoor, CSRB’s Report on Storm-0558 & More,” Michael Posey joins us to discuss key findings from Hornetsecurity’s Monthly Threat Report, which provides insights into M365 security trends, email-based threats, and commentary on current events in the cybersecurity space.

We’re looking for your favorite tips and tools we can share with the community… those that help you do your job better and more easily. Please share your suggestions on the IT Pro Tuesday subreddit, and we’ll be featuring them in the coming weeks.

Now on to this week’s list

A Podcast

Code Comments is focused on exploring the difficulties faced by teams as they implement new technologies, and how things worked out once the transition is finished when the wins/losses can be assessed. Hosted by Jamie Parker, a Product Manager for Observability at Red Hat with over 20 years of tech experience. Thanks for the suggestion go to Drehmini.

External Attack Surface Management Attack Surface Summary

A Free Tool

Podman is a secure, open-source solution for managing containers, pods, and images. This fast, lightweight solution works with containers and Kubernetes from the local environment, and is compatible with other OCI-compliant container formats including Docker. wytesmurf adds, “we ditched Docker for Podman.”

External Attack Surface Management Attack Surface Summary

A Tip

RBeck offers a handy shortcut:

“If you are looking at a folder in Windows Explorer, click into the path box, type cmd, and hit enter. Command prompt opens in that folder.

(Also, it finds an unfixed bug where you can’t access the path box until you go to another folder and come back).”

Another Free Tool

Ventoy allows you to create bootable USB drives for ISO/WIM/IMG/VHD(x)/EFI files. Copy multiple files at once, and Ventoy will give you a boot menu to select them. thelanranger adds, “though this has it’s quirks, it’s handy when it works.”

One More Free Tool

Blender is a cross-platform, open-source 3D graphics application for modeling, animation, simulation, rendering, compositing and more. An API for Python scripting also allows you to customize the application and write specialized tools. Can be a powerful tool for creating impressive presentations, training videos, and more. bodez95 adds, “Blender is becoming a top-tier respected 3d software tool used in corporate settings.”

External Attack Surface Management Attack Surface Summary

P.S. Bonus Free Tools

NetBox is an open-source solution for modeling and documenting network infrastructure, with a robust UI and programmable APIs for everything from cable maps to device configurations. pythbit adds, “They have pretty solid documentation that makes it quick. If you host it on Ubuntu, it is almost entirely copy/paste.”

MxToolbox offers a suite of fast and accurate tools designed to help troubleshoot DNS and email issues. Includes MX and DNS lookup, blacklist and DMARC check, as well as some incredibly helpful diagnostic tools. Kindly suggested by DonPepino.