Excellence, then, is not an act, but a habit
Excellence, then, is not an act, but a habit! It’s a saying that has been attributed to Aristotle and an American pro football player, but
News and updates
Law Firms And Cyber Tech: Don’t Just Do It
Security tech and law firms: Don’t just do it! The shiny allure of technology is so enticing and the siren’s call, “Just buy this thing
Happiness and long life with ISO 27001
Happiness and long life with ISO 27001! “Data is the new oil!” The phrase was famously uttered by British mathematician Clive Humby nearly 20 years
SharpC2 in the real world
SharpC2 is an open-source (.NET based) command-and-control framework developed by RastaMouse. The main component of SharpC2 is the TeamServer (and related .NET rich client) which
TPSP AOCs – Scoring goals and saving money!
In the increasingly data-driven e-commerce and finance space, protecting sensitive information has become a vital aspect of running any business, and one area that requires
Happy memories of an old Internet banking hack
The good old (Internet banking Hack) days! So a long time ago (25 years ago actually!) in a research centre not so far away, I
Survey results: Security for Australian law firms 2022-23
2023 State of Cyber Maturity for Australian Law Firms The 2023 State of Cyber Maturity for Australian Law Firms survey invited legal professionals to share their
Hey nice business!
It’d be a shame if something happened to it! In the real, physical world, extortion is a real problem and across the world, certain gangs
Relax! it’s not my first time!
Oh for heavens sake! Can we all agree that the Optus event doesn’t really matter? I mean, it really does matter, of course! But still, it
Penetration testing stats from the past two years
Some penetration testing stats from the past two years It was the great Gordon Ramsay that said, “I don’t like looking back. I’m always constantly
Honing our blue team skills
Honing our blue team skills Cybersecurity is a never-ending game of cat and mouse that is played between attackers (who seek to damage or otherwise
Cyber insurance: A risky business
Cyber insurance. A risky business! As the frequency of cyber attacks increases and incident recovery becomes more expensive, it is important for businesses to have
It’s still borked? The amazing tale of the second breach
What? It (still) doesn’t work (again)? Just a quick update to our most recent blog-post… Things do change so quickly on the interwebs you know!
What? It’s borked? When on earth did that happen?
When on earth did that happen? Can you imagine that a reputable organisation would deploy a business-critical security service without first designing and testing it,
It’s in the trees! It’s coming!
It’s in the trees! It’s coming! * Since March, we’ve been very busy providing incident-response and recovery services for organisations that have fallen victim to
Good news! DotSec’s AOC for Service Providers saves you money!
Good news! DotSec’s AOC for Service Providers saves you money! DotSec provides managed SIEM services to customers in a range of industries but as described
Dangling DNS records (part 3) – The final pluck!
Dangling DNS records (part 3) – The final pluck! In the final (?) part of our investigation into dangling DNS records and the risk that
Dangling DNS records (part 2) – Still dangling!
Dangling DNS records (part 2) – Still dangling! In our previous Dangling DNS records post, we examined the risks of leaving ‘dangling’ CNAME records pointing to
Dangling DNS records (part 1) – Abandon and dispair!
Dangling DNS records (part 1) – Abandon and dispair! Recently, there has been some interesting news describing how attackers have been able to take over
Worried about sophisticated, state-based cyber actors?
Worried about sophisticated, state-based cyber actors? As you will be aware of by now, the Prime Minister warned Australians of “sophisticated, state-based cyber actors” targeting
Scareware v1 – Just silly… probably
Scareware v1 – Just silly… probably Along with lots of other people on the Internet, you’ve probably received an unsolicited email, not only threatening you
It’s not what you know…
It’s not what you know! (Actually, that’s exactly what it is!) Monitoring eCommerce sites for compromise DotSec knows that securing eCommerce sites properly can be
You’re invited to breakfast!
You’re invited to breakfast! Join us for breakfast and hear about the kinds of security measures you can use to securely deploy your on-line services,
Splunk for compliance, due diligence, incident detection and response.
Splunk for compliance, due diligence, incident detection and response. We recently delivered a presso that described how DotSec has used Splunk for a number of