PDF Generator Best Practices
The dangers of using server-side PDF generation technologies without properly sanitising user input.
Blog
Panel Discussion: In Pursuit of The PSA Licence
By Yap Yu Qing, Marketing Executive The Privasec team has organised a panel discussion last week, where it was an informative sharing session in which different aspect of PSA Licensing compliances for FIs including Fintechs and Crypto was discussed. As a recap, in this session, Jonathan Cheong, Chief Legal and Compliance Officer of DigiFinex shared …
Cyber Readiness for Financial Institutions
Digital financial services brought immense convenience to end-users everywhere, but financial institutes and banks are 300 times more at risk of cyber attack than other companies. Find out more about areas to consider when determining cyber readiness
Demystifying Two Different Worlds: A Look into ISO 27001 and Red Teaming
Red Team Attack Simulations mimic an adversary attacking your organisation. Red Team Attack Simulations enable you to understand and improve upon your ability to identify and respond to an adversary tyring to access your systems or information.
But what actually happens during a Red Team and how does an Attack Simulation work in practise?
What happens during a Red Team Attack Simulation?
Red Team Attack Simulations mimic an adversary attacking your organisation. Red Team Attack Simulations enable you to understand and improve upon your ability to identify and respond to an adversary tyring to access your systems or information.
But what actually happens during a Red Team and how does an Attack Simulation work in practise?
Updates To ISO 27002 And Its Impact
With the pending updates to the ISO 27002, it is now more well-rounded for tackling information security risks. What remains a constant, is the purpose of the standard to provide implementation guidance on security best practices for compliance to ISO 27001.
Managing Third-Party Risk
It is always in a company’s best interest to protect itself from vendor risks – before entering, during, and even after the vendor relationship has been established.
Singapore Cyber Landscape Report 2020: Everything you need to know
Hear from Privasec’s Regional Head of Asia, Quan Heng, on his thoughts on the Singapore Cyber Landscape 2020 report published on 8 July 2021.
ZenTao CMS – A Monkey’s journey to Priv Esc & Remote Code Execution
This article explores Zentao, understanding how its routing works, and identifying several vulnerabilities that lead to an attack chain that an attacker can execute in order to achieve remote code execution.
Former Service NSW Chief Security Tech Officer Speaks on Security Partners Engagement
Get to know the former Chief Security & Technology Officer at Service NSW as he shares in under 5 minutes his views on how companies can leverage their security partners and gain the most value in partner engagement.