Latest News

Privasec's CISO Prashant Haldankar, was in Singapore last week together with our APAC Executive Advisor Shamane Tan and local Country Head Md Noordin. Prashant presented on our strategy and business plans at the Australian Trade and Investment Commission (Austrade) Australian Landing Pads. Bruce Gosper, the Australian High Commissioner to Singapore and his team were also at the event itself.

IMG 20190530 WA0000

Privasec's Consultant Sajeeb Lohani has released the second article of his new ‘Weaponising Series’, after a great response on ‘Weaponising AngularJS bypass’. The article highlights techniques of weaponising staged cross-site scripting (XSS) payloads. Check out the full article here. Stay tuned to Privasec's News page for further additions to this series.

https://lnkd.in/g7iMRH8

Our team is proud to announce that Privasec RED's Consultant, Sajeeb Lohani has broken the world record by privately disclosing 120 Open-Source CVEs. 

Privasec RED logo

Privasec is really excited to introduce our first ever master class training workshops. Learn from our experienced GRC or Purple Team specialists about the latest regulations and techniques in this one day knowledge-transfer session. Have your pick from our 5 different workshops! These are especially designed to help our IT and security professionals upskill and sharpen their knowledge on security and risks. Limited spots are available, so grab your tickets now. The links below include more details about each workshops.

databackup

In 2019, attackers are phishing targets to retrieve sensitive information that ultimately leads to data compromise. Phishing is the technique where a malicious actor lures a victim into revealing sensitive information. This can be through large “spray-and-pray” type campaigns involving multiple recipients or, a more targeted approach crafting attacks for specific individuals, known as Spear Phishing. Phishing has been around since the early days of the Internet as one of the oldest vectors of attack.

Phishing

Phishing provides a very successful avenue to obtain credentials for hackers. The simplest and most efficient way to achieve this is by redirecting users to a website with some sort of submission form. With a little bit of effort such as purchasing domains with similar names and using tools to scrape and mirror legitimate website content, an attacker can forge a highly-convincing scenario.