by Security Centric GRC, on 27/11/2024 10:17:17 PM
The Australian Government has introduced sweeping changes to strengthen the national cyber security posture through a landmark Cyber Security Legislation Package, enacted on the 25th of November. These reforms aim …
Read Storyby Sash Vasilevski, on 05/06/2024 5:41:56 PM
The Problem It seems like every other day there is a public announcement of a compromise involving unauthorised access to Microsoft 365. Privately, we are called in more often than …
Read Storyby Tarek Chalaan, on 06/05/2024 10:53:08 AM
Today we Investigate CVE-2024-3094, a vulnerability discovered by developer Andres Freund while dissecting SSH performance failures. If gone undetected, this vulnerability could have led to a global cyber outbreak. In …
Read Storyby Alex W, on 17/11/2023 4:18:03 PM
The statistics provided in the Australian Signals Directorate Cyber Threat Report paint a bleak picture of the cybersecurity landscape in Australia with the average cost of an incident and the …
Read Storyby Security Centric, on 30/09/2022 11:27:32 AM
The Optus PII breach has been the subject of many conversations the past week or so - at the technical level all the way through to advising boards on what …
Read Storyby Security Centric, on 02/06/2022 1:38:36 PM
After a lengthy traverse through the various stages of parliament, the final updates to the Security Legislation Amendment of the Critical Infrastructure Protection Act (SLACIP) passed at the end of …
Read Storyby Security Centric, on 13/04/2022 4:57:04 PM
It's that time of year when the team over at Mimecast releases their much-anticipated State of Email Security report. Covering data that spans the entirety of 2021, the report surveyed …
Read Storyby Security Centric, on 24/03/2022 8:48:01 AM
News came to light recently from a threat actor group that authentication provider Okta had been compromised by one of their members. Okta later confirmed this, saying that an account …
Read Storyby Alex W, on 22/03/2022 9:55:37 AM
As security teams assess the key vulnerabilities of their IT infrastructures, growing attention is being placed on cyber supply chains. Attacks, such as the high-profile SolarWinds incident, occur when cybercriminals …
Read Storyby Security Centric, on 22/02/2022 2:30:27 PM
If you're not yet familiar with the ISO 27001 standard, it's an internationally recognised certification standard specifically focused on information security. Using the policies and procedures outlined in the standard …
Read Storyby Security Centric, on 17/01/2022 4:09:40 PM
Organisational risk covers a lot of bases within a business, from issues such as staff shortages and regulatory changes through to global pandemics and cyber threats. Knowing what to focus …
Read Storyby Security Centric, on 06/01/2022 12:15:00 PM
Last month Security Centric principal consultant Sash Vasilevski provided his expertise to Business IT, outlining recommendations for cybersecurity uplift measures for small to medium enterprises. Throughout the article, an outline …
Read Storyby Security Centric, on 04/01/2022 12:15:00 PM
In the many years that Security Centric has been partnering with organisations to provide services ranging from compliance, penetration testing, and security engineering through to managed security services such as …
Read Storyby Security Centric, on 30/12/2021 1:00:00 PM
With the IT security landscape constantly evolving, many businesses struggle to find and retain people with the knowledge and skills required to counter threats. Last month, Security Centric's Sash Vasilevski …
Read Storyby Security Centric, on 28/12/2021 11:17:00 AM
Earlier this month Security Centric's Sash Vasilevski provided expert opinion to the team at iTWire on the ins and outs of implementing zero trust as an outcome of the ongoing …
Read Storyby Sash, on 22/12/2021 9:13:10 AM
2021 has been challenging for the team at Security Centric, as it has for everyone, hopping in and out of lockdowns, an increasing workload and new team members. As we …
Read Storyby Security Centric, on 11/12/2021 3:25:30 PM
A new remote code execution vulnerability has been discovered affecting a common software library used in many systems and applications. A Java library, log4j2, is widely used in embedded systems …
Read Storyby Security Centric, on 10/09/2021 1:18:32 PM
A new troubling remote code execution vulnerability has been discovered that affects customers using Office 365 and Office 2019 on Windows 10 and is already being exploited by malicious actors …
Read Storyby Security Centric, on 18/08/2021 4:01:02 PM
If you were to ask us what the main cybersecurity mistakes organisations routinely make were, the one where businesses rely on their everyday IT team or providers to also perform …
Read Storyby Security Centric, on 22/06/2021 11:18:46 AM
The fact that ransomware is continuing to be a prolific threat probably isn’t news to those of you in the world of cybersecurity – however we know that most organisations …
Read StoryThe purpose of this blog is to make available the real-world lessons, experience, observations and mistakes that are part of the daily life of a group of cyber security professionals.
Read about:
Level 34, 201 Elizabeth St
Sydney, NSW 2000
Call us: +61 2 9199 0000