Dangling DNS (3) – The final pluck!

Dangling DNS (part 3) – The final pluck! In the final (?) part of our investigation into dangling DNS records and the risk that they present to organisations, we’ll review ‘elastic’ IP addresses as supported by the various cloud providers including AWS, Azure and Google Cloud. For the most part (because we’re most familiar with […]
Dangling DNS (2) – Still dangling!

Dangling DNS (part 2) – Still dangling! In our previous Dangling DNS records post, we examined the risks of leaving ‘dangling’ CNAME records pointing to DNS zones which are not under the domain-owner’s sole control. The consequences include increased risk of successful phishing attacks as well as reputational damage. The examples given in that post focused […]
Dangling DNS (1) – Abandon, despair!

Dangling DNS (part 1) – Abandon and despair! Recently, there has been some interesting news describing how attackers have been able to take over various subdomains by taking advantage of dangling DNS records. To recap, this is a security misconfiguration issue: A victim organisation sets up (perhaps in a testing scenario) a service on a […]
Sophisticated, state-based actors?

Sophisticated, state-based cyber actors? As you will be aware by now, the Prime Minister warned Australians of “sophisticated, state-based cyber actors” targeting Australian organisations and all tiers of government. But is the sky really falling and, if it is, will we all be equally devastated when it crashes down? And what are the risks […]
Scareware v1 – Just silly… probably

Scareware v1 – Just silly… probably. Along with lots of other people on the Internet, you’ve probably received an unsolicited email, not only threatening you but claiming to have stolen your password and hacked your web cam. The emails generally go along the following lines: While poorly worded, the email can certainly appear alarming and […]
It’s not what you know…

It’s not what you know! (Actually, that’s exactly what it is!) Monitoring eCommerce sites for compromise. DotSec knows that securing eCommerce sites properly can be tricky. Various best-practice guides to securing eCommerce software such as Magento do exist (see [1], [2] below) but despite the efforts of all concerned (including system owners, third-party providers, developers […]
Security for Australian law firms

2023 State of Cyber Maturity for Australian Law Firms. The 2023 State of Cyber Maturity for Australian Law Firms survey invited legal professionals to share their approaches, motivations, decision making, and management towards cyber security. DotSec commissioned independent market research firm Momentum Intelligence to conduct the survey in collaboration with Lawyers Weekly. The survey was conducted on behalf […]
Not the patches you’re looking for

If a vulnerability scan identifies that a system is missing medium-risk vendor-supplied security patches, these patches must still be applied in order to be compliant with PCI DSS requirement 6.2, as described above. The fact that a vulnerability scan identified the issue and reported it as only a medium risk has no bearing as to […]
Splunk for IDCR.

Splunk for compliance and incident response. We recently delivered a presso that described how DotSec has used Splunk for a number of interesting projects. (In preparing the presso, I was a bit shocked to discover that we’ve actually been using Splunk now for over 12 years! Fun times!) Anyhow, our presentation was quite interactive, and […]
IRAP compliance for national provider

New IRAP case study! We’ve compiled a case study that summarises 18 months of very challenging, rewarding and ultimately successful work, guiding the development of an IRAP-compliant information security management practice. Our client was an international service-provider to governments in Australia and overseas. In order to be able to provide services to the Australian federal […]