Relax! It’s not my first time!

Oh for heaven’s sake! Can we all agree that the Optus event doesn’t really matter? I mean, it really does matter, of course! But still, it kinda feels like deja view all over again [1] and I can’t help but think I should relax! It’s not my first time! Once upon a time… [2] Five years […]

Penetration testing over two years

Some penetration testing stats. It was the great Gordon Ramsay who said, “I don’t like looking back. I’m always constantly looking forward. I’m not the one to sort of sit and cry over spilt milk. I’m too busy looking for the next cow.” But still, it can’t hurt to keep track of how the cow-hunting […]

Cyber insurance: A risky business

Cyber insurance. A risky business! As the frequency of cyber attacks increases and incident recovery becomes more expensive, it is important for businesses to have cyber insurance to reduce the potential losses associated with such events. In fact, such coverage is something we expect will become mandatory for all kinds of contracts and agreements in […]

It’s in the trees! It’s coming!

It’s in the trees! It’s coming! * Since March, we’ve been very busy providing incident-response and recovery services for organisations that have fallen victim to cyber crime.  During that time, we have observed: Similarities in the security services, infrastructure and practices that were in place before the target organisations were compromised. Similarities in tactics and […]

Dangling DNS (3) – The final pluck!

Dangling DNS (part 3) – The final pluck! In the final (?) part of our investigation into dangling DNS records and the risk that they present to organisations, we’ll review ‘elastic’ IP addresses as supported by the various cloud providers including AWS, Azure and Google Cloud. For the most part (because we’re most familiar with […]

Dangling DNS (2) – Still dangling!

Dangling DNS (part 2) – Still dangling! In our previous Dangling DNS records post, we examined the risks of leaving ‘dangling’ CNAME records pointing to DNS zones which are not under the domain-owner’s sole control. The consequences include increased risk of successful phishing attacks as well as reputational damage. The examples given in that post focused […]

Dangling DNS (1) – Abandon, despair!

Dangling DNS (part 1) – Abandon and despair! Recently, there has been some interesting news describing how attackers have been able to take over various subdomains by taking advantage of dangling DNS records. To recap, this is a security misconfiguration issue: A victim organisation sets up (perhaps in a testing scenario) a service on a […]

Sophisticated, state-based actors?

Sophisticated, state-based cyber actors? As you will be aware by now, the Prime Minister warned Australians of “sophisticated, state-based cyber actors” targeting Australian organisations and all tiers of government. But is the sky really falling and if it is, will we all be equally devastated when it crashes down? And what are the risks […]

Scareware v1 – Just silly… probably

Scareware v1 – Just silly… probably. Along with lots of other people on the Internet, you’ve probably received an unsolicited email, not only threatening you but claiming to have stolen your password and hacked your web cam. The emails generally go along the following lines: While poorly worded, the email can certainly appear alarming and […]

It’s not what you know…

It’s not what you know! (Actually, that’s exactly what it is!) Monitoring eCommerce sites for compromise DotSec knows that securing eCommerce sites properly can be tricky. Various best-practice guides to securing eCommerce software such as Magento do exist (see [1], [2] below) but despite the efforts of all concerned (including system owners, third-party providers, developers […]