The Australian Federal Government has launched several initiatives to combat cybercrime, with a particular focus on ransomware attacks. The introduction of new regulations, sanctions on cybercriminal groups, and the development of practical resources like the Ransomware Playbook signal a firm stance against digital threats. For companies affected by cyberattacks, cyber security service providers like Red… Continue reading Government Initiatives and Sanctions: Strengthening Cyber Security in Australia

Penetration testing – or pen-testing as we colloquially call it – is a crucial component to a robust security programme in any organisation. As management, it’s critical you understand where pen-testing fits into your programme and what it can do for your organisation. Equally important is what it can’t do, and how the different “flavours”… Continue reading Black Box Penetration Testing

AWS is an incredibly powerful cloud platform that enables businesses to quickly and efficiently deploy a wide range of software and services to end users.  This feature-rich environment does of course increase the attack surface that bad actors have to exploit, especially when combined with lax configurations and poorly designed APIs. In this blog post,… Continue reading When it all goes wrong on AWS – how an SSRF can lead to full control of your EC2 infrastructure