Entries by Shearwater

How do you determine the scope of a penetration test?

Guidance on best practice scoping and the key pitfalls to avoid The objectives of penetration testing are to provide a level of assurance to match the risk profile (including any compliance requirements) for your organisation, whilst also providing a good ROI. How well your chosen penetration testing provider scopes your penetration test will determine the […]

How to Avoid Common Penetration Testing Pitfalls

Guidance for Penetration Testing Buyers There are many pitfalls and mistakes that organisations using, or considering using, penetration testing services can easily avoid. In the following blog article, we discuss ‘what not to do’ to ensure you receive the best penetration testing outcomes. There are many common penetration testing pitfalls and mistakes that you can […]

December 2018 Security Report | Shearwater Solutions

Featured this month: Exposed Remote Desktop connections create a soft target for attackers, email distribution platforms are increasingly being hijacked to facilitate mass phishing campaigns, several Self Encrypting Drives have multiple vulnerabilities, a VirtualBox Zero Day vulnerability, breaches that caused inconvenience for Dell, created danger and disruption for an Ohio hospital and exposed over 500,000 […]

WebEx, LibSSH Authentication & D-Link Router Vulnerabilities | Shearwater InfoSec Report

The Information Security Report is a monthly summary, compiled by Shearwater’s experienced cybersecurity professionals, to highlight the vulnerabilities and new attack vectors in some of the latest active threats, exploits and breaches and share recommendations to help you protect your data and stay a step ahead. Featured this month: A WebEx vulnerability that allows a […]

What you need to know about Business Email Compromise (BEC) attacks

Business Email Compromise (BEC) attacks are increasing at an alarming rate and look set to continue as a favoured method of cyberattack in the future. In this blog article, Shearwater’s social engineering and phishing expert, Damian Grace, provides guidance on what you can do TODAY to reduce your organisation’s risk. In a concerning trend, Australia […]

Information Security Report | October 2018

The Information Security Report is a monthly summary, compiled by Shearwater’s experienced cybersecurity professionals, to highlight the vulnerabilities and new attack vectors in some of the latest active threats, exploits and breaches and share recommendations to help you protect your data and stay a step ahead. This month features a new strain of malware designed […]