Making the
world a
safer place

Talking Cyber Security – Cyber pragmatism the impact and consequences.

Threats from modern cyber attacks are becoming bigger than any IT department or Help desk in any organisation around the globe. The internalisation of the management and accountability of a security incident is becoming an unattainable business function. The market is seeing a growing need to externalise the cost of an incident. With businesses better…

Meltdown and Spectre

What’s the risk? Meltdown and Spectre are two vulnerabilities which have been gaining substantial media attention over recent months.  These vulnerabilities reside in the hardware of modern CPUs. These hardware vulnerabilities allow programs and applications to steal data currently being processed on the computer including that of privileged applications.  This data may include system passwords,…

CQR Security Bulletin – Cisco ASA WebVPN Bug, Understanding The Risks And How To Reduce It

What’s the risk? An unauthenticated Remote Code Execution/Denial of Service vulnerability has been identified as affecting the WebVPN component of various Cisco ASA services.  This vulnerability presents a significant risk to an organisation’s Confidentiality, Integrity and Availability as it may allow an external attacker to remotely compromise an organisation’s VPN gateway. How might you be…

Talking Cyber Security: Protection is more than just a solution

In this instalment of ‘Talking Cyber Security’ Phil Kernick and David Simpson discuss how organisations should be looking at their business and what considerations they should be making, including looking at their past, present and future Cyber Security strategy in-line with their business. With no regulations set around software, it’s development, function, use and it’s…

Advice for avoiding an Uber style breach

Uber have recently released details of a large-scale data breach identified to have occurred in October 2016.  As with all companies of this size, Uber was legally required to report the hack to regulators and users affected by the breach.  However, the decision was made to pay off the hackers (~$132,000 AUD) for the deletion…

Insecure S3 buckets expose Australian Government data

The Australian Government is among a small collection of companies who have fallen victim to the insecure storage practices of a third-party contractor, leading to the exposure of emails, passwords, credit card details and other personal information of nearly 50,000 Australian staff. Organisations caught up in this breach include UGL Limited, AMP Limited and Rabobank,…

Make one internal change to increase Cyber Security

The Australian Cyber Security Magazine captured insights from Alex Hoffmann, General Manager of CQR, filmed on location at #AISACON17, Sydney. Here is a great case study on recognising an internal champion to effect change for enhanced Cyber Security in an enterprise. Make one internal change to increase Cyber Security *As published by the Australian Cyber Security…

The downside of DevOps: faster isn’t always better

DevOps is gaining popularity – but there are limitations, writes Phil Kernick, CTO at information security specialist CQR… The downside of DevOps: faster isn’t always better *Original article printed on istart.com.au

We use cookies on this site to provide you with a better user experience. Read More