Viewing a png file can get your Smartphone Compromised
- Details
Android users need to be highly cautious as menial tasks such as viewing a png file can compromise their smartphone. A hacker can get access to a user’s smartphone by tricking them to download a png file sent to them or displayed within an application they are using. Google has patched 42 security vulnerabilities including the three critical vulnerabilities (CVE-2019-1986, CVE-2019-1987, and CVE-2019-1988) that can lead to compromises in their recent February Security Updates.
Even though Google claims none of these vulnerabilities has been exploited, it is still highly recommended to download these security patches to avoid possible issues.
Source: The Hacker News
Privasec Red Teaming
- Details
The Privasec Red guys have been ethically breaking into networks and premises to help organisations identify critical gaps in their security implementation. Using realistic attack techniques and methodologies that are tailored to each of our customers, the team consistently obtains physical and electronic access to various forms of sensitive information. In most cases, the Privasec Red Team been able to compromise clients by using cheap and simple techniques that can be easily protected against.
Privasec and DroneSec to Sponsor the inaugural BSides Melbourne Conference
- Details
Privasec and its subsidiary DroneSec are excited to sponsor the inaugural BSides Melbourne conference to be held on 16th and 17th February. BSides Melbourne provides a great platform for first-time speakers, students, new and experienced professionals to share their work and learn from others. If you are attending the conference, do check out our DroneSec Tshirts. See the full event details here:
Privasec’s Vendor Security Assessment and Management
- Details
The Privasec team in Brisbane, Queensland is very excited to be working with one of Australia’s most exciting payments providers as they finalise their compliance with the Payment Card Industry Data Security Standard (PCI DSS). Merchants and service providers across Australia are increasingly being asked by their acquiring banks and customers to provide evidence of their compliance. PCI DSS QSA’s at Privasec have been helping clients for many years to understand how the standard impacts their business, how to adopt the security controls required by the standard and how to achieve this in in the most productive, cost effective and timely manner. If you are not sure how PCI DSS might impact your business Privasec’s PCI DSS health check can provide the answers.
Privasec's Consultant to speak at OWASP Auckland Conference.
- Details
Privasec’s Consultant, Sajeeb Lohani has been invited to speak at the OWASP Conference in Auckland, New Zealand on 22nd February. OWASP New Zealand conference provides a great platform for security professionals, developers and software testers to discuss development techniques for building more secure applications. Sajeeb will be addressing core threat modelling concepts to identify edge cases in software, prior to releasing them publicly. Come and say hello if you are attending the conference. Check out the event details here:
