From the desk of Andrew Deer, CISSP CISM CISA QSA PCIP Who do you trust? It’s a question that can have a significant bearing on securing information. If like Ed Rooney in Ferris Bueller’s Day Off, you don’t trust anyone…
Read MoreAustralian healthcare provider Regis Healthcare has lost sensitive data to an international attacker. The attacker has also begun leaking some of this information, which has prompter Australian cyber security authorities. The company said today that it had “been targeted in…
Read MoreSummary After discovering an archive file which contained a malicious document, researchers from Malwarebytes began observing the actors behind the campaign in which the malicious document was used. Malwarebytes believes the actor may be a Chinese APT group that has…
Read MoreSeverity: HIGH What is affected: All versions of Windows Server with the Domain Name System (DNS) role enabled Description: The Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive 20-03 addressing a critical vulnerability—CVE-2020-1350—affecting all versions of Windows Server…
Read MoreWhen most of us think secure access, we might think of a password or a pin, a passphrase or even a set of numbers and letters. We use these to log on to our computer or phone, email, online banking…
Read MoreSeverity: HIGH What is affected: A privilege escalation vulnerability in VMware Fusion, VMRC for Mac and Horizon Client for Mac was privately reported to VMware. Updates are available to address this vulnerability. Description: VMware has released security updates to address a vulnerability in VMware…
Read MoreSeverity: CRITICAL What is affected: This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later versions. Description: Palo Alto Networks has released security updates to address a vulnerability affecting the use of Security Assertion Markup Language…
Read MoreThe Australian Government is currently aware of and responding to, a sustained targeting of Australian governments and companies by a sophisticated state-based actor. The title ‘Copy-paste compromises’ is derived from the actor’s heavy use of proof-of-concept exploit code, web shells…
Read MoreSummary X-Force has identified a new squatting campaign used by threat actors to target the finance and insurance sector. The campaign has a global scope assumingly luring users into giving away their login credentials. Threat Type Squatting Domain, Phishing Domain,…
Read MoreFill out the form and we’ll be in touch as soon as possible or call our team on 1800 816 044.