Latest News

The Privasec Red Team participated in Missing Persons Capture-The-Flag for Trace Labs/ AustCyber - The Australian Cyber Security Growth Network Ltd. In what is considered a world’s first, over 80 teams and 356 ethical hackers used Open-Source Intelligence (OSINT) skills to track down people who have gone missing. Our team members managed to place 2nd in Victoria and 5th place nationally. All the leads were passes onto the federal police for further investigations via the National Missing Persons Coordination Centre.

Missing persons phishing

Privasec Teams in Singapore and Melbourne have had an eventful couple of weeks.

Earlier last week, Privasec's Singapore team were joined by their Australian Dronsec colleagues for the GovWare conference from 1st -3rd Oct. Into its 28th showing, GovernmentWare (GovWare) 2019 was the region’s most established premier conference and showcase for cybersecurity. It is considered by many to be the cornerstone event for the Singapore International Cyber Week.

Govware2019

govware2019govware

Privasec is excited to welcome Martin Yim and Swapnil Aglawe to our team.

Privasec GRC ConsultantPrivasec GRC Consultant

The biggest Distributed Denial-of-Service (DDoS) attack occurred in February 2018. The victim was GitHub and at its peak, this attack saw incoming traffic at a rate of 1.3 terabytes per second (Tbps). By taking down the website, a DDoS attack not only leads to loss of revenue but also affects the company's reputation.

A DDoS attack or Denial of service attack is aimed at bringing your website down by overwhelming it with traffic more than the network can afford.  

Therefore, it is crucial to have a plan before a DDoS attack strikes. The plan must properly document the network topology diagram for management of crucial assets during the attack and require the alerting of relevant stakeholders. A few other tricks for preparing for a DDoS attack include the use of sufficient bandwidth, infrastructure redundancy, DNS server redundancy and use of WAF (web application firewalls) for server protection.

ddos attack

Implementing an ISO27001 compliant Information Security Management System (ISMS) can be an intimidating task, especially if one has no prior knowledge of the Standard. An ISMS is a systematic approach to managing risks related to valuable information assets (organisation information) to ensure it remains secure. This approach includes people, processes and systems. An ISMS preserves the confidentiality, integrity, and availability of information by applying a risk management process.