Five multi-billion-dollar companies in two months… the past and the future

Your Content Security Policy is strict. Your HTTP monitoring is solid. You’ve patched your web site and application as well as you can. And yet, sensitive data (payment card details, customer details, source code, etc.) is leaving your site through a channel your security […]

Managed SIEM services case study: tailored Splunk Enterprise Security for an Australian financial services platform

A large Australian consumer-facing financial services business asked us to take their Splunk Cloud environment from “we have the platform” to “we have detection content that actually fires on what matters in our estate”. Over a three-phase engagement, dotSec delivered […]

Anthropic Mythos: The model, the myth and the mundane

Anthropic Mythos (and AI in general) does pose a cyber risk! But the context and caveats surrounding that statement tend to get lost in mainstream media coverage. Context and caveats don’t make for apocalyptic headlines, so they get dropped… Let’s look at Anthropic Mythos: The model, […]

Your developers work for Cyber Gangs

Well, not deliberately. But if they’re building software with open-source components, there’s a chance that what they shipped last month included code placed there by criminals. And neither they nor you may know. If your organisation builds or customises software (and almost every organisation does, even if it’s just […]

Why ransomware victims pay, and what smart organisations do instead

Ransomware extortion follows rational economics, not random chaos. When assets are valuable, defences are weak, and consequences for attackers are low, extortion thrives. This pattern holds whether the extortionist is the Sicilian Cosa Nostra or a ransomware group operating from a server in St Petersburg. […]

Why your staff click spelling-mistake laden emails (and how to actually stop them)

You have done everything “right” by the book… “Cyber Awareness” training modules… posters in the lunchroom… even warning emails about the latest package-delivery scams. Yet, when the phishing simulation results come back (or worse, when a real incident report lands on your desk […]

Proxied Execution via Custom Trace Listeners

Our ongoing work into assumed-breach and adversary-emulation tactics provides the meat for this post, the first in a new two-part series. In summary: System.Diagnostics.Debug/Trace classes can be used to debug or instrument .NET executables/DLLs. Custom TraceListener .NET DLLs can be loaded via configuration. Some trusted signed (Production) executables on […]

Case study: data loss detection for national law firm

Case study: data exfiltration detection for national law firm. Customer: National Australian law firm. Service: Implementation of data exfiltration detections for Splunk Enterprise Security (ES). Outcome: Practical, always-on detections that surface suspicious data movement across cloud services, endpoints, and network activity. Background and context: Data exfiltration is one of the hardest security […]

Managed SOC/SIEM use cases

This video walks us through four SIEM case studies that show how SIEM can strengthen security operations and prevent costly incidents. Take eight minutes out of your day to see and hear about some of our past SIEM security projects (both preventative and responsive) that show how SIEM and MDR solutions effectively […]

ASIC sues for systemic and prolonged cybersecurity failures

ASIC sues FIIG for systemic and prolonged security failures. ASIC has commenced a lawsuit in the Federal Court of Australia. ASIC alleges that from March 2019 to 8 June 2023, FIIG Securities Limited failed to take the appropriate steps, as is required of an Australian Financial Services (AFS) licensee, to ensure it had adequate […]