Blog

Cybersecurity Blog Title Image
January 30, 2024

The Impact of Cybersecurity Breaches on Australian Businesses in 2023

In the digital era, cybersecurity breaches are a critical concern globally, and Australia is no exception. With the increasing dependency on digital platforms, Australian businesses face significant challenges in safeguarding data. The Office of the Australian Information Commissioner (OAIC) plays a pivotal role in monitoring these breaches, providing valuable insights into the cybersecurity landscape in… Continue reading The Impact of Cybersecurity Breaches on Australian Businesses in 2023

Read More
Is Ransomware a Threat to Your Organisation?
December 22, 2023

Is Ransomware a Threat to Your Organisation?

A ransomware attack is a type of malicious cyberattack in which the attacker encrypts the victim’s data and demands a ransom payment in exchange for the decryption key. Ransomware is a form of malware (malicious software) that, once infiltrated into a computer system or network, encrypts files or entire systems, rendering them inaccessible to the… Continue reading Is Ransomware a Threat to Your Organisation?

Read More
Anatomy of a Penetration Test
November 2, 2023

Penetration Testing: Unravelling the Anatomy

In an era where the digital landscape is riddled with threats and vulnerabilities, organisations must be proactive in safeguarding their information systems. Penetration testing, often known as ethical hacking or pen testing, is a vital practice in the world of cybersecurity. It allows organisations to assess their security posture, identify vulnerabilities, and fortify their defences.… Continue reading Penetration Testing: Unravelling the Anatomy

Read More
Cyber Security Strategy and Policy with Red Cursor
October 4, 2023

Building an Effective Cyber Security Strategy

A cyber security strategy is a comprehensive plan of actions and a portfolio of technologies, policies, procedures, and measures designed to protect and minimise risk to an organisation’s digital assets, information, and technology infrastructure from a wide range of cyber threats and attacks. An effective strategy should be a commitment to staying vigilant and applying… Continue reading Building an Effective Cyber Security Strategy

Read More
The Importance of Regular Penetration Testing for Cloud Security: What is the cost of deprioritisation?
September 19, 2023

The Importance of Regular Penetration Testing for Cloud Security: What is the cost of deprioritisation?

In the ever-evolving landscape of cybersecurity, cloud computing has become the backbone of modern businesses. The agility, scalability, and cost-effectiveness of cloud services have revolutionised the way organisations operate. However, this digital transformation has also introduced new and complex security challenges. Maintaining security is a challenge for all businesses operating directly or indirectly in the… Continue reading The Importance of Regular Penetration Testing for Cloud Security: What is the cost of deprioritisation?

Read More
The best AI Chatbot for Penetration Testing
August 23, 2023

The Best AI Chatbot for Penetration Testing (Part Two)

Our previous article reviewed 5 of the top AI Chatbots in an attempt to determine which bots performed the best when used to source knowledge, code and build a Penetration Testing tool for 3 subject matter areas. Unsurprisingly this review only led to more questions and a very clear outcome. ChatGPT was the head and… Continue reading The Best AI Chatbot for Penetration Testing (Part Two)

Read More
August 7, 2023

What is the best AI ChatBot to use for Penetration Testing (Part One)

Our earlier Red Cursor blog articles on how to use ChatGPT to aid with Penetration Testing have given our team cause to pause and wonder, what is the best AI Chatbot for aiding in pen testing? Unsurprisingly, our research has led to many more questions, so for a bit of foreshadowing, we will need to… Continue reading What is the best AI ChatBot to use for Penetration Testing (Part One)

Read More
Using ChatGPT to streamline delivery of Penetration Testing Services
May 10, 2023

How AI Chatbots can Expedite Penetration Testing Service Delivery

ChatGPT is an artificial intelligence (AI) language model developed by OpenAI that is capable of generating human-like responses to natural language input. It is based on the Generative Pre-trained Transformer (GPT) architecture and has been trained on a vast amount of text data, enabling it to understand and generate coherent and relevant responses to a… Continue reading How AI Chatbots can Expedite Penetration Testing Service Delivery

Read More
Social Engineering - How Secure Organisations Are Compromised
April 19, 2023

Social Engineering: How Secure Organisations Are Compromised

Social Engineering is an issue not just for casual internet users but is a very successful methodology for malicious operators to bypass strong security protocols in businesses, even large global brands as demonstrated in the media. Companies with top down technical expertise may still have employees trained in simple security protocols but can still be… Continue reading Social Engineering: How Secure Organisations Are Compromised

Read More
API Secuirty
March 18, 2023

Is Your Business Balancing API Productivity Gains with Risk Mitigation?

APIs are a critical component of any digital business, sharing information between various software solutions and streamlining and improving business productivity through system integration. They allow modularity in development projects, increase the scalability of the business and in theory should enhance your software security. API security breaches have become increasingly common in recent years, with… Continue reading Is Your Business Balancing API Productivity Gains with Risk Mitigation?

Read More
October 6, 2022

Using Mimikatz

OverPass-the-Hash Mimikatz can perform the well-known operation “OverPass-The-Hash” to run a process under the security context of another account’s credentials. This is extremely powerful and should not be underestimated. Behind the scenes, Mimikatz requests a Kerberos ticket from the domain controller using the NTLM hash provided. The Kerberos ticket allows authentication to Kerberos services within… Continue reading Using Mimikatz

Read More
October 5, 2022

Penetration Testing Frequently Asked Questions

When is penetration testing required? You have developed an application (in-house or outsourced), purchased an application (commercial off the shelf product), or purchased a software as a service (SaaS) and have concerns or compliance requirements regarding the security of the application or data stored. These concerns can be broadly categorised, in that an adversary or… Continue reading Penetration Testing Frequently Asked Questions

Read More