The ripple effect from Russia-linked SolarWinds hack has reached the banking shores of Singapore. The Monetary Authority of Singapore (MAS) is issuing a third-party risk management directive that requires all financial institutions to assess and manage their exposure to technology risks with third-party suppliers, before entering into a contractual agreement. What does this actually mean […]
Not long ago, I assisted a client of ours with a penetration test of their VMware Horizon remote access solution and discovered a vulnerability affecting how it handles Multi-Factor Authentication (MFA). As a result, with a compromised user account password, I could gain access to the organisations internal network from the internet, bypassing the MFA
CVE-2020-3977: VMware Horizon DaaS Broken Authentication (MFA Bypass) Read More »
It’s mid-Feb and the Privasec team are excited to bring to you two upcoming events, our first physical event of the year in Sydney, Australia, and a virtual session in Singapore.
Written by Breton Chan, Privasec’s Marketing Executive
“Cyber security is a confluence between technology, process and people – with adequate and accurate education of an organisation’s people possibly being the most important facet.”
The Role of Staff Education in Cyber Hygiene Read More »
Written by Breton Chan, Privasec’s Marketing ExecutiveHow prepared is your business for upcoming challenges in the digital landscape?In recent research data released by the Ponemon Institute and IBM Security, cyber crimes accounted for 18.6% of all crime in Singapore. The average cost of a data breach per organisation in the ASEAN bloc sits
Ensure business continuity via long-term Cyber Hygiene practices Read More »
At some point in time, we have all heard about these tax-related scams. Most security-aware and alert ones will be able to pick them up quickly and report it to the necessary authorities. However, there are many who have still fallen prey to these scams.
“We have a warrant for your arrest” | Scamming the CEO Read More »
The federal, state and local governments across Australia has been called by a taskforce of NSW government-sponsored industry leaders to adopt internationally recognised cyber security standards for cloud services: https://lnkd.in/gQshHg4
Aussie governments urged to adopt global cyber security standards for cloud Read More »
Today is International Data Privacy Day!Public education on data privacy has come a long way over the last few years. In today’s digital-savvy world, it is important that all of us are well-informed in protecting our data privacy.
Happy International Data Privacy Day! Read More »
Our Red Team, Offensive Security Consultants work with organisations and technical teams to perform a variety of assessments and provide practical advice to keep them secure. Red team are generally familiar with and apply themselves to most aspects of cybersecurity but specialize in web application security, code reviews, architecture design, network security, attack simulations or
Consultant (RED, Offensive Security) Read More »
A new framework by the Council of Financial Regulators requires APRA-regulated financial institutions to attack themselves in a bid to uplift their cyber preparedness, as APRA orders urgent audits against CPS 234.The #CORIE framework that has been launched will require banks, super funds and other financial institutions to organize independent red team attack simulations.
