Shearwater Security Report June

Shearwater Security Report | July 2019

Our monthly Security Report highlights some of the recent cybersecurity threats making headlines around the world. Compiled by Shearwater’s experienced cybersecurity professionals, this report identifies new attack vectors used by cybercriminals, and helps you stay one step ahead of the attackers. In this report we feature: · Firefox – critical vulnerability uncovered by targeted attacks […]

Security Awareness Success

3 Pillars for Security Awareness Success

“Are your staff going to be your greatest risk, or your greatest assets?” That was the question posed by Damian Grace, General Manager of Phriendly Phishing – the comprehensive email security awareness program developed by Shearwater Solutions. The modus operandi of those intent on harming your organisation has changed. With the focus shifting away from […]

Cybersecurity Skills Shortage Demands Fresh Thinking

Skills Shortage Demands Fresh Thinking

With cybersecurity strategies constrained by staffing challenges, Managed Security Services helps your organisation stay safe. After investing many valuable hours training your cybersecurity team, few things are as frustrating as seeing staff up and leave to pursue job opportunities elsewhere. Yet, as IT Managers and cybersecurity leaders across Australia will attest, retaining top quality tech […]

Your staff is the front-line in your security strategy

Your staff is the front-line in your security strategy

“Every organisation is a custodian”. That was the message delivered by Shannon Lane, Director of Shearwater Solutions when he addressed the team at ARC Student Life at the University of New South Wales. We’re all entrusted to hold confidential information on behalf of our customers, staff and stakeholders. That’s just as true for a private […]

april-shearwater-report

April 2019 Security Report | Shearwater Solutions

Featured this security report: ASUS release a critical software update to combat “ShadowHammer” Trojan Malware, CISCO’s RV320 and RV325 small business routers are vulnerable to attack, Zero-day vulnerabilities found in Google Chrome and Microsoft Windows are being exploited simultaneously, the recent WinRaR vulnerability is being abused en-masse by threat actors, Adobe patches Cold Fusion to […]

difference between vulnerability assessment and penetration testing

What is the difference between vulnerability assessment and penetration testing?

There is often confusion around the role of a vulnerability assessment versus a penetration test. This is compounded by unscrupulous security vendors presenting (and pricing) a vulnerability assessment as a penetration test. Aside from poor ROI, this can give an organisation a false sense of security, when in fact they have only received a basic […]

Demonstrating the ROI of Security Penetration Testing to Management

Demonstrating the ROI of Security Penetration Testing to Management

How do you demonstrate the ROI of Security Penetration testing ? From the management team’s point of view, making the decision to commit to an ongoing cybersecurity budget may be seen as adding yet another expense, with little visibility of a return on investment (ROI). This is particularly true for organisations who are not involved in […]

December 2018 Security Report | Shearwater Solutions

Featured this month: Exposed Remote Desktop connections create a soft target for attackers, email distribution platforms are increasingly being hijacked to facilitate mass phishing campaigns, several Self Encrypting Drives have multiple vulnerabilities, a VirtualBox Zero Day vulnerability, breaches that caused inconvenience for Dell, created danger and disruption for an Ohio hospital and exposed over 500,000 […]

WebEx Vulnerabilities

WebEx, LibSSH Authentication & D-Link Router Vulnerabilities | Shearwater InfoSec Report

The Information Security Report is a monthly summary, compiled by Shearwater’s experienced cybersecurity professionals, to highlight the vulnerabilities and new attack vectors in some of the latest active threats, exploits and breaches and share recommendations to help you protect your data and stay a step ahead. Featured this month: A WebEx vulnerability that allows a […]

Business Email Compromise BEC Attacks

What you need to know about Business Email Compromise (BEC) attacks

Business Email Compromise (BEC) attacks are increasing at an alarming rate and look set to continue as a favoured method of cyberattack in the future. In this blog article, Shearwater’s social engineering and phishing expert, Damian Grace, provides guidance on what you can do TODAY to reduce your organisation’s risk. In a concerning trend, Australia […]