Latest News

Privasec is proud to have sponsored FST Media's 11th Annual Future of Security conference. The Future of Security 2019 revealed cutting edge security insights and innovations for the financial services industry. Privasec Team Shamane Tan and Pablo Borges had a great time at the conference. A big thanks to all the organisers and other sponsors for making Future of Security 2019 a huge success.

Privasec at FST Media

In 2019, attackers are phishing targets to retrieve sensitive information that ultimately leads to data compromise. Phishing is the technique where a malicious actor lures a victim into revealing sensitive information. This can be through large “spray-and-pray” type campaigns involving multiple recipients or, a more targeted approach crafting attacks for specific individuals, known as Spear Phishing. Phishing has been around since the early days of the Internet as one of the oldest vectors of attack.

Phishing provides a very successful avenue to obtain credentials for hackers. The simplest and most efficient way to achieve this is by redirecting users to a website with some sort of submission form. With a little bit of effort such as purchasing domains with similar names and using tools to scrape and mirror legitimate website content, an attacker can forge a highly-convincing scenario.

Privasec is proud to have sponsored CYBAR 2019: Melbourne’s first student InfoSec party. Privasec Team Ryan Broadfoot, Mike Monnik, Sajeeb Lohani, David Roccasalva and Pablo Borges had a great time at the conference and Privasec’s Principal consultant Ryan Broadfoot shared exciting war stories from previous red team engagements. Congratulations to all the prize winners and a big thanks to all the organisers for arranging such a successful event.

CYBAR 2019

Simply putting your data into a cloud service does not guarantee its security. As cloud based services deliver rapid, cost-effective and commoditised business IT solutions, security and information risks increase.

Cloud Security

The first article for the new Privasec Red Blog has been released. 'Weaponising AngularJS Sandbox Bypasses’, published by Privasec’s consultant Sajeeb Lohani, provides valuable insights in tricks to weaponize existing Angular sandbox escapes.

Read the full article here:

Privasec Red