Latest News

Privasec is proud to support SecTalks Melbourne for a second year running with the sponsoring of CTF exercises and prizes. Privasec RED Managing Consultant and SecTalks Melbourne Organiser, Mike Monnik spoke at the inaugural 2019 meetup on some of the techniques used by our Red Team within dedicated Open-Source Intelligence (OSINT) engagements.

Privasec is excited to partner with Cyber Risk Meetup in Brisbane to bring together ‘Cyber Insurance- Is it worth the paper it’s written on?’.

adult casual checking 1851467

Android users need to be highly cautious as menial tasks such as viewing a png file can compromise their smartphone.

xyz

The Privasec Red guys have been ethically breaking into networks and premises to help organisations identify critical gaps in their security implementation. Using realistic attack techniques and methodologies that are tailored to each of our customers, the team consistently obtains physical and electronic access to various forms of sensitive information. In most cases, the Privasec Red Team been able to compromise clients by using cheap and simple techniques that can be easily protected against.

Elongated Privasec Red Logo with white tag line v2 Solid Background 1

Privasec and its subsidiary DroneSec are excited to sponsor the inaugural BSides Melbourne conference to be held on 16th and 17th February.

bsides

The Privasec team in Brisbane, Queensland is very excited to be working with one of Australia’s most exciting payments providers as they finalise their compliance with the Payment Card Industry Data Security Standard (PCI DSS). Merchants and service providers across Australia are increasingly being asked by their acquiring banks and customers to provide evidence of their compliance. PCI DSS QSA’s at Privasec have been helping clients for many years to understand how the standard impacts their business, how to adopt the security controls required by the standard and how to achieve this in in the most productive, cost effective and timely manner. If you are not sure how PCI DSS might impact your business Privasec’s PCI DSS health check can provide the answers.

payment post

Privasec’s Consultant, Sajeeb Lohani has been invited to speak at the OWASP Conference in Auckland, New Zealand on 22nd February.

In March 2018 abuse.ch, a non-profit cybersecurity organization in Switzerland launched project URLhaus with the aim of detecting, collating and sharing URLs that contain malware. In the 10 months since its inception, over 265 security researchers helped takedown nearly 100,000 websites which were distributing malware.

The URLhaus project has been a massive success and is assisting network administrators and security analysts with protecting their environment. Averaging 300 new detections per day, this feed is freely available to anyone via their API, feeds or can be downloaded and imported into non-programmatic protection systems. The URLhaus detections are also being distributed to prevalent blacklisting services such as Google Safe Browsing, Spamhaus DBL and SURBL.

There are some interesting trends that can be identified from analysis of their published statistics. The notable standout from the list of detected malware is Emotet, a banking trojan derived from an earlier banking trojan Feodo. Discovered in June 2014, Emotet has become one of the most costly financial malware infections and, as can be seen from the URLhaus data, is still rampant today.

Almost every week, an ever-growing list of data breaches occur around the world. In a lot of cases, attackers ultimately gain access to sensitive information such as a hashed password database. This type of information can be useful for the bad guys when targeting specific organisations and/or people.

How are you stroing your passwords

A critical bug has just been discovered in the new iOS allowing eavesdropping via FaceTime. A fix is expected later this week, but in the meantime, it is highly recommended to turn off FaceTime.

https://9to5mac.com/2019/01/28/facetime-bug-hear-audio/