Entries by Daniel Schell

Thomas Duyrea and emt Distribution win at Global Secunia Partner Conference

We’re pleased to annouce that our partner Thomas Duryea brought home the Secunia Global Partner of the Year at the Secunia Partner conference held in Prague earlier this month. “[Thomas Duryea] has demonstrated tremendous capability in achieving net new business,” announced the Danish security vendor. Our own General Manager, Shane Mahney, also won the “Best Product Manager of […]

Westpac phishing email

Another suspicious phishing email was forwarded to me this morning for analysis.  This one was a Westpac Phishing Email.  That is, an email pretending to be from Westpac with malicious intent. The body of the email is below: From: WBC [mailto:[email protected]] Sent: Wednesday, 6 May 2015 11:31 AM To: <target email address> Subject: 1 New payment […]

Microsoft releases tool to manage local Admin passwords

Microsoft have attempted to address the challenge of managing local administrator credentials by releasing the Local Administration Password Solution (LAPS). There are commercial solutions in this space, however many organisations are using either same password across machines, or try to use other methods, such as shared spreadsheets to manage individual passwords. Using shared credentials on a network is bad security practice and […]

The AFP Phishing email is cryptolocker

In the news over the last couple of days there have been warnings of an Australian Federal Police (AFP) branded phishing email. We received one of these emails in our office and decided to run it through our malware analysis sandbox, ThreatAnalyzer, to determine the behaviour of the sample – something that wasn’t mentioned in the news articles. Although Facebook […]

RSA 2015: SIEM and logging solutions are dead?

Last week at the RSA Conference 2015, RSA CISO Eddie Schwartz declared that in addition to Anti-Virus, SIEM solutions are also ‘dead’ and that IT security departments need to become “more big data aware“. ‘Big Data’ in this case refers to the collection and processing of data holistically in an organisations environment, not just collecting […]