I shared some of my experiences last week about getting into hacking. The response has been awesome, lots of folks sharing their own “wait, that worked?” moments.
If you missed the post, I covered what it felt like to land my first reverse shell, how overlooking basic file permissions wasted hours, and what I changed in my own environment after seeing it through an attacker’s eyes.
What’s the moment that changed how you think about defense?
Read the full post here: https://blog.brianbaldock.net/a-better-defender

Just published a new article: How breaking in made me a better defender.
Getting hands-on with offensive security reshaped how I approach defense. From my first reverse shell to isolating IoT gear, it’s been eye-opening.
What’s the moment that made you see security differently?
🔗 https://blog.brianbaldock.net/a-better-defender
#CyberSecurity #InfoSec #EthicalHacking #Homelab

The most convenient and efficient way to operate a bank is where everything you need for customers is in easy reach.
So why do we store cash and valuables in bank vaults and safety deposit boxes?
Because it would be insanely easy to steal!

…but with digital businesses, we somehow overlook this and allow/encourage putting business critical assets and the ability to access them (administrative credentials) out 'in the open' on BOYDs and regular corporate laptops where people do email and web browsing to any old sites.

Microsoft published guidance on securing privileged access (https://aka.ms/spa) including the use of privileged access workstations (https://aka.ms/PAW) to change this practice that puts your organization at risk.
Please read and follow this guidance to get these out of the reach of any casual attacker!

Push MFA = easy to phish.
Read why number matching doesn’t fix it, and how to implement real phishing-resistant MFA for your business.
https://blog.brianbaldock.net/mfa-beyond-push-notifications
#CyberSecurity #FIDO2 #EntraID

🔥 Cloud protection isn’t optional in 2025.
Defender for Endpoint works best when it can reach the cloud. But what about isolated networks? Proxies still play a key role. Here’s how to securely bridge the gap while keeping control: https://blog.brianbaldock.net/mde-proxies-2025
#MDE #CyberSecurity #CloudSecurity

💡 Think your disconnected environment can’t use AI-driven protection? Think again.
With Microsoft’s Streamlined Connectivity, enabling Defender for Endpoint in restricted networks has never been easier. Proxies make it possible—here’s how to do it right: https://blog.brianbaldock.net/mde-proxies-2025
#CyberSecurity #DefenderForEndpoint #XDR

Proxies aren’t the enemy—they’re the bridge. 🔐

Defender for Endpoint needs the cloud to deliver real-time protection, but in restricted networks, proxies remain essential. With fewer URLs to allow-list in 2025, securely enabling Defender is easier than ever.

Read how to get it right: https://blog.brianbaldock.net/mde-proxies-2025

#CyberSecurity #MicrosoftDefender #XDR #Proxies

Security teams often conflate "internet access" with "lack of security." But if HTTPS/TLS is restricted to trusted services, does it really differ from a VPN tunnel?

A properly pinned HTTPS/TLS connection provides encryption, data integrity, and authentication—without exposing systems to the open internet.

I explore this in my latest blog post. Read more here: https://blog.brianbaldock.net/defender-for-endpoint-and-the-internet?showSharer=true

#CyberSecurity #VPN #CloudSecurity #ThreatIntel

You don’t need a data center to run an AI chatbot. Just Docker.
I used an RTX 3080, Docker Compose, and NGINX to build mine—secure, fast, and private.
Here’s how: https://blog.brianbaldock.net/deploying-local-ai-inference-with-vllm-and-chatui-in-docker

Tired of paying for AI APIs? Run your own.
I built a local AI chatbot using vLLM, NGINX, and Docker—fully private, fast, and API-free.
Learn how: https://blog.brianbaldock.net/deploying-local-ai-inference-with-vllm-and-chatui-in-docker
#AI #LLM #SelfHosting #Docker #APIFree

Air-gapped networks aren’t foolproof. Stuxnet proved that, and insider threats continue to show their limitations. Meanwhile, HTTPS/TLS provides encrypted, controlled tunnels to trusted services—much like a VPN.

Yet, many still fear “internet connectivity” in security tools like Defender for Endpoint. Let’s rethink what real security means.

Read more in my latest blog post: https://blog.brianbaldock.net/defender-for-endpoint-and-the-internet?showSharer=true

#CyberSecurity #Encryption #ThreatIntelligence

“Defender for Endpoint only works when it’s connected to the internet.” I hear this a lot, but it’s misleading. HTTPS/TLS encryption allows for secure, restricted connections—just like a VPN, but at the application layer. If we trust VPNs for security, why dismiss HTTPS/TLS as “open internet”?

It’s time to rethink network security and the myth of "air-gapped" environments. I break it down in my latest post: https://blog.brianbaldock.net/defender-for-endpoint-and-the-internet?showSharer=true

Think self-hosting an LLM is hard? Think again.
I used Docker, NGINX, and my RTX 3080 to build a fast, secure AI chatbot.
Check it out: https://blog.brianbaldock.net/deploying-local-ai-inference-with-vllm-and-chatui-in-docker
#AI #LLM #Docker #NGINX #SelfHosted

Got a gaming PC? Turn it into an AI powerhouse with Docker.
I used my RTX 3080 to run a local AI chatbot—no API calls, no cloud costs.
Learn how I did it: https://blog.brianbaldock.net/deploying-local-ai-inference-with-vllm-and-chatui-in-docker
#AI #SelfHosting #Docker #LLM #Tech

New blog post: I built a self-hosted AI chatbot powered by vLLM, ChatUI, and Docker—all running on my RTX 3080. I share the full setup, troubleshooting tips, and lessons learned along the way. If you’re into self-hosting, AI, or containerization, this one’s for you.

Read it here: https://blog.brianbaldock.net/deploying-local-ai-inference-with-vllm-and-chatui-in-docker
#AI #SelfHosted #Docker #HomeLab

🔒 Stop Reacting, Start Preventing 🔒

Cyberattacks don’t wait—why should you?

Join our webinar to learn how Microsoft Defender XDR detects and disrupts multi-stage attacks before damage occurs.

✅ Proactive security with AI-powered tools
✅ Live demos and guided Q&A
✅ Actionable insights for your strategy

📅 Don’t wait for the attack—Register now: https://msevents.microsoft.com/event?id=3912490388

🚨 Cybersecurity at Machine Speed 🚨

Advanced attacks are smarter, but so is your security with Microsoft Defender XDR.

Join our webinar to see how AI-powered tools detect and stop multi-stage attacks across identities, devices, apps, and data—before they cause damage.

✅ Live demos
✅ Guided Q&A
✅ Insights to maximize your investments

📅 Don’t miss it! Register now: https://msevents.microsoft.com/event?id=3912490388

Let’s make cybersecurity proactive, not reactive.

🎉 Big win for security! Universal Continuous Access Evaluation (UCAE) is now in Public Preview (rolling out through Dec 31, 2024). UCAE enables near real-time access policy updates, boosting your Zero Trust strategy. No more waiting for token expiration—compliance changes are enforced instantly! 🔗 Learn more:
🔗 https://learn.microsoft.com/en-us/entra/global-secure-access/concept-universal-continuous-access-evaluation

The future of real-time security is here, and it’s just so cool. Thoughts? 🤔 #CyberSecurity #ZeroTrust #Microsoft

MFA isn’t enough. Device compliance stops AiTM attacks by blocking untrusted devices—even if MFA is bypassed. Secure Microsoft 365 the smart way. https://learn.microsoft.com/en-us/mem/intune/protect/create-conditional-access-intune

🚨 New blog post up! 🚨 I ran into a unique issue while syncing users between Contoso and Fabrikam's multi-tenant setup. Fabrikam's "All Company" group hit its user limit, leading to unexpected behavior. Explore the journey, fixes, and key takeaways! 🔗 https://blog.brianbaldock.net/fabrikam-allcompany-broke
#Microsoft365 #CrossTenantSync #Cybersecurity #TechInsights #IT