CyberCX Blog

Expert analysis, industry insights and latest news from our leading cyber security experts.

 

 

When Scanning Isn’t Enough: Practical Tips for Log4j Vulnerability Detection

The Log4j critical vulnerability (CVE-2021-44228) is being actively exploited and is a major concern for organisations worldwide.

LOG4J CRITICAL VULNERABILITY (CVE-2021-44228): PLANNING FOR THE HOLIDAYS

The Log4j/Log4Shell incident is continuing to evolve. We have seen both blue teams and red

LOG4J CRITICAL VULNERABILITY (CVE-2021-44228): PRACTICAL TIPS TO PROTECT YOUR ORGANISATIONS

Over the weekend, the Log4j vulnerability kept security teams across the world at work and

CyberCX Security Report | September 2021

  • Delayed Reporting of Breaches Due to System Faults
  • Cyber Criminals Target GitHub Repositories
  • Top API Vulnerabilities
  • Microsoft Exchange Server Vulnerabilities

Ten things you should know about ISO/IEC 27001

ISO 27001 is a risk-based compliance framework designed to help organisations effectively manage information security.

CyberCX Security Report | August 2021

  • Privacy and Universal Jurisdiction
  • Microsoft Warns of New Phishing Campaign
  • Director Responsibility for Cyber Security
  • Joint Advisory by AU, US and UK

CyberCX Security Report | July 2021

  • The Race to Patch
  • Insurance and Ransom Payments
  • Securing VPNs

Enhancing protection of Australian critical infrastructure

Critical infrastructure law reform remains a major focus for the Australian Government in 2021.

CyberCX Security Report | June 2021

  • Securing OT and Critical Infrastructure
  • Government Considering Mandatory Cyber Crime Reporting
  • SolarWinds Phishing Campaign
  • Securing DevOps Pipelines

CyberCX 2021 Budget Analysis

After experiencing one of the most challenging years in living memory, Australia has a unique opportunity to emerge from the

CyberCX Security Report | May 2021

  • Australian firm unlocks iPhone
  • Supply chain vulnerabilities
  • Public-private partnership
  • Unpatched vulnerabilities

CyberCX Security Report | April 2021

  • Aggressive patching key to limiting your exposure to newly discovered vulnerabilities
  • Acer reportedly facing $50M ransomware attack
  • Ransomware – a unique challenge for small business

Asymmetrical Cyber Security

One challenge many large organisations encounter when developing cyber security strategies is how to adequately protect digital assets from adversaries that are smaller and more agile.

CyberCX Security Report | March 2021

  • Grow your business by investing in cyber security
  • InfoSec training is a business enabler
  • Don’t neglect upgrading legacy systems
  • QR codes expose devices to security risks

CyberCX Security Report | February 2021

  • Boosting Privacy Protections
  • Securing Digital Supply Chains
  • Chrome Updates

LogRhythm Zero Days

As a result of our team’s penetration testing and exploitation activities, we uncovered a series of high-risk vulnerabilities that could be chained together.

CyberCX 2020 AppSec Hackathon roundup

Gamified learning, such as hackathons, are widely seen as one of the most effective ways to develop new skills.

CyberCX Security Report | December 2020

  • New rules for financial sector
  • Don’t neglect physical security
  • Securing your search engine ranking
  • API security for AWS users

CyberCX Security Report | November 2020

  • Research highlights HTTPS and JavaScript security limitations
  • Insecure Third-Party Opens Way for Hackers
  • Password-less IoT devices leave industries vulnerable
  • Keep on top of patching to stop “Bad Neighbour” vulnerability

Top 5 reasons to make hackathons part of your team’s security training program

As managers look for new ways to upskill and motivate their teams, games are emerging as an increasingly popular component in employee security training programs.

CyberCX Security Report | October 2020

  • Critical Vulnerability Allows Attackers to Bypass O365 MFA
  • Insecure Third-Party Opens Way for Hackers
  • Don’t Neglect Patching
  • Zerologon Vulnerability Potentially Allows Attackers Full Administrative Rights in Your Domain