Skip to content
PwnDefend
  • Base
  • Comms Room
    • Customer Feedback
    • Company Information
    • Security Management
  • Services
    • Consulting Services
      • Enterprise Security Posture Assessment
      • Cyber Security Assurance & Security Testing Services
      • IT Security Healthchecks
      • Active Directory Assessment Services
      • Managed Remediation Services
    • Emergency Cyber Incident Response Support
    • Our Success Stories
    • Partner Services
  • Blog
  • Privacy
Strategy

Australia National Cyber Strategy Consultation

This morning before I got on with some more dull affairs of business, I saw the following:

2023-2030 Australian Cyber Security Strategy Discussion Paper

How we (humanity) and people (including governments etc.) respond to the changing digital landscape and cyber threats that affect society and humanity as a whole is really important. It’s great to see the Australian government using an advisory board and panel structure as they look to review/renew their national cyber security strategy. I’m posting this to raise awareness as I think these things are ever so important that people in the community, industry, academia etc. give their inputs, help and support to the people charged with the incredibly complex task of developing and implementing cyber strategies at country scale! A task not so simple, hence they are calling for inputs as part of a general consultation request from people and organizations.

Read more “Australia National Cyber Strategy Consultation” →
Vulnerabilities

CVE-2022-39952 Fortinet Global Exposure

There appears to be a new RCE out for Fortinet devices as per this post (it’s against FortiNAC as far I am aware so this is probably a much smaller exposure footprint than all fortinet devices):

https://www.fortiguard.com/psirt/FG-IR-22-300

There’s also this in FortiWeb (and well they released 40 odd fixes to various bits)

https://www.fortiguard.com/psirt/FG-IR-21-186

When we consider security edge devices and the risks these may pose to organizations and society as a whole it’s important to understand that these are no trivial matter. These are “security” appliances that are there to protect your organizations, to provide remote access as well as protect network egress etc.

Fortinet are not the only vendor to suffer from these types of vulnerability (Remote Code Execution – RCE) however there do appear to have been quite a few of these when looking historically.

Read more “CVE-2022-39952 Fortinet Global Exposure” →
Leadership

Current State Cyber Challenges and why communication is important

Currently I’d list some of the major challenges we face as a civilisation as the following (clearly not exhaustive etc.)

  • The general population largely don’t understand cyber
  • Lots of people think there is nothing they can really do
  • People have shockingly bad personal cyber security
  • A large number of organisations have shockingly poor cyber security postures
  • People’s passwords are often ridiculously weak
  • People re-use passwords all the time
  • People seem to believe we have “magic nation state cyber shields”
  • Organisation’s largely do not invest adequately in cyber security
Read more “Current State Cyber Challenges and why communication is important” →
News

Cyber News Today

Another day in the life o’cyber! There’s probably new exploits, new vulnerabilities, new updates and industry changes galore but here’s some highlights from the day!

Read more “Cyber News Today” →
Leadership

CYBER CYBER CYBER – What cyber means for the…

I’m sitting here drinking a cup of tea and thought I’d jot down some of the things I tend to think about. I figured this might help people consider aspects of “cyber” that they might not have considered before.

Read more “CYBER CYBER CYBER – What cyber means for the world in the modern age” →

Recent Posts

  • The Manual Version 2.0
  • Cyber Security for PC Gamers
  • Active Directory Attacks – “It’s cold out here”
  • Mobile Device Malware Analysis
  • Port Forwarding with WSL2

Recent Comments

No comments to show.

Archives

  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • March 2020
  • February 2020
  • January 2020
  • October 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018

Categories

  • Architecture
  • Breach
  • Company News
  • CTF
  • Defence
  • Defense
  • Education
  • Fiction
  • Getting into Cyber
  • Guides
  • Hacking
  • IOT
  • Leadership
  • News
  • OSINT
  • Reviews
  • Strategy
  • Threat Intel
  • Uncategorized
  • Vulnerabilities
Copyright (c) Xservus Limited