IRAP Assessment Microsoft

A Milestone for Microsoft Australia and Shearwater

We are very excited about Microsoft’s announcement that the Australian Signals Directorate (ASD) has certified a number of Microsoft’s Australian based online services offerings. The majority of these newly certified services are simply not available from any other cloud service. With these certifications, Australian hospitals, educators and government agencies at federal, state and local level […]

Ten things you should know about ISO/IEC 27001

By Shannon Lane 1.    What it ISO 27001 ISO 27001 is an international standard for information security management. 2.    Why is ISO 27001 important to me? Information is the lifeblood of most contemporary organisations’. It provides intelligence, commercial advantage and future plans that drive success. Most Organisation store these highly prized information assets  electronically. Therefore, […]

What should I look for in a Threat Intelligence Solution?

This blog article is part of a series: Part 1 | Part 2 | Part 3 In this final article in this series, I provide some guidance on what to look for in a CTI solution. The four important questions when assessing CTI should be: How current is the Threat Intelligence Provided? How broad is […]

Is Cyber Threat Intelligence worth investing in?

This blog article is part of a series: Part 1 | Part 2 | Part 3 In this blog article, I am seeking to address the question of whether CTI is worth investing in. Many vendors of Web Proxies, SIEM solutions, IPS, Firewall, UTM’s and email filtering technologies already provide a threat feed. The question […]

What business problem does Cyber Threat Intelligence (promise to) solve?

This blog article is part of a series: Part 1 | Part 2 | Part 3 The cyber industry is certainly excited by CTI, and I don’t want to make any predictions on whether the excitement will blow over any time soon. The Threat Intelligence approach, does provide some hope, yes hope, of lessening a […]

December 2016 Internet Security Report

Merry Christmas and a Happy New Year! December 2016 was full of the usual Phishing, Malvertising, weak security of IoT devices and large breaches of user accounts that the rest of the year had delivered. If you have a Yahoo email account or an email service that is run through Yahoo’s mail service, please change […]

What is Cyber Threat Intelligence? And when do you need it?

Cyber Threat Intelligence (CTI) appears to be one of the hot topics in information security at the moment. Almost every vendor as well as the open source community has their unique take on what is, and what is not important in the CTI arena. I have been asked a number of questions by clients and […]

November 2016 Internet Security Report

The ransomware threat continued to thrive with new variants, payloads and even using social media as a delivery platform. A vulnerability found in a German ISPs router caused havoc in late November with almost 1 million users knocked into darkness as the result of a recent increase in Mirai worm activity. Social engineering was brought […]

October 2016 Internet Security Report

Joomla takes the cake for most serious exploits doing the rounds this month, with a combination of account creation and privilege escalation vulnerabilities proving an easy way to take complete control of various versions of Joomla. The diagnosis is grim for anyone who was not paying enough attention to patch within 24 hours as mass […]

September 2016 Internet Security Report

September 2016 successfully delivered an eventful month for cyber security with a handful of threats, breaches and interesting developments in the security of Internet of Things devices. A Denial of Service attack on the website of investigative journalist Brian Kerbs was found to be largely comprised of compromised Internet of Things devices.  Ransomware continued to […]

August 2016 Internet Security Report

August 2016 was an overall interesting month for cyber security with the annual conferences taking place in America, the Census providing some interesting lessons learnt and discussion; and the Olympics creating an interesting platform for malicious actors. In addition to this, the industry as a whole experienced a diverse range of new threats, breaches and […]

July 2016 Internet Security Report

Threats Ransomware delivery through compromised websites continues to be a continued threat for end users despite the slowdown in major ransomware and exploit kit activity over previous months. There have been reports of the SoakSoak botnet performing automated reconnaissance and exploitation of websites through a vulnerable wordpress plugin resulting in the delivery of CryptXXX ransomware […]