TikTok bans: why should other social media get a pass?
While social media can be a powerful marketing tool, it is not risk free. TikTok is the latest in a long line of social media platforms to draw negative press and government approbation. Many organisations have chosen to ban TikTok from their devices around national security and privacy concerns: but the issues are not limited […]
Can we use and trust AI in Cyber Security?
Can we use and trust AI in cyber security? Here at Brace168 we have been having endless discussions on how we could use AI tools such as ChatGPT to improve our security operations. Although machine learning and other AI tools have been in use for quite some time, we see enormous potential for the latest […]
Common Vulnerabilities and Exposures – October 2022
Critical Zoho ManageEngine RCE Vulnerability On the 22nd September 2022, the US Cybersecurity and Infrastructure Security Agency (CISA) added a critical unauthenticated Remote Code Execution (RCE) vulnerability affecting Zoho ManageEngine products to their Known Exploited Vulnerabilities catalog. This vulnerability has a CVSS score of 9.8 and exploits a java deserialisation vulnerability that allows an unauthenticated […]
Hacks – October 2022
September saw a significant number of cyber breaches with Uber, Rockstar Games and Optus all impacted within a week. The attack methods observed in these breaches were MFA fatigue attacks and a vulnerable public API in the case of the Optus breach. MFA fatigue attacks are becoming a more frequently used MFA bypass technique, where […]
March 2022 Okta LAPSUS$ security incident
At 2:09pm on the 22nd of March 2022 (AEDT), the advanced persistent threat actor (APT) group “LAPSUS$” released screenshots and claims, on the encrypted messaging app Telegram [1] they had achieved superuser access to the Okta Cloud platform, as well as access to other internal systems including the Okta Atlassian suite and Okta Slack channels. […]
Log4j Vulnerability
Log4j continues to disrupt global festive season change freezes. On Friday (10 December 2021), NIST announced a remote code execution vulnerability (CVE-2021-44228) https://nvd.nist.gov/vuln/detail/CVE-2021-44228 in the Apache log4j project. Log4j is one of the pervasive, open-source building blocks that applications across your infrastructure use for logging. The vulnerability is of critical severity as it can be […]
Hacks – Importance of configuration management
Hackers are smart and know a lot of simple tricks to get around the cybersecurity defences that companies spend a huge amount of dollars and time to implement. Once inside a network one of the main aims is to steal data and exfiltrate it to an external destination; this is considered one of the most […]
News U.S Colonial Fuel Pipeline Ransomware Attack
Attackers tend to target major organisations like banks, software companies, vendors & financial firms. On May 7th Colonial Pipeline got attacked. A ransomware attack had been executed, completely shutting down their supply of fuel & gas. The company suffered major losses. This is one of the purposes of attacks like these, to de-stabilize an organisation […]
Ransomware A Real World Incident
Late last year Brace168 was engaged to respond to a ransomware attack to conducted incident response services. The ransomware in question was a previously unknown variant of ‘zusy’ malware delivered through a trojanised open-source software, Notepad++. On the day of the attack, Brace168 initiated a War Room to immediately respond to the situation and work […]
Here are some of our musings about the Cyber Security industry.
The real question is the cost of not having a cyber security plan. We all hate paying our insurance policies. Trust me, it’s one of my pet hates each year when they come around, but let me tell you a story. In 2011, I had an accident … a big one. I broke my neck. […]
