Swinburne ISACA Student Group

11/10/2019

Are you a member of the ISACA Melbourne Chapter? It's free to join for students, and you get access to all sorts of professional and social events held throughout the year.

Click on this link to sign up:

Trust in, and value from, information systems

10/10/2019

D-Link Home Routers Open to Remote Takeover Will Remain Unpatched

D-Link won’t patch a critical unauthenticated command-injection vulnerability in its routers that could allow an attacker to remotely take over the devices and execute code. All of the affected devices are end-of-life and are no longer being updated by D-Link - highlighting the importance of using enterprise devices for enterprise uses. On the whole, domestic focused technology isn't intended to be secure long-term or to the same level as enterprise technology. Be sure to use the right tool for the job!

CVE-2019-16920 allows remote unauthenticated attackers to execute code on a target device.

08/10/2019

Did you know that ISACA has a free Cybersecurity Resource Center? Check it out at https://cybersecurity.isaca.org/cybersecurity-resource-center?cid=univ_2001873&Appeal=univ

You'll find free webinars, podcasts, blog posts and community initives which all serve to keep you updated on the latest goings on in the cybersecurity sector.

Cybersecurity Resource Center

07/10/2019

ISACA is hosting a Professional Development session this Tuesday, 8 October, on the topic of Blockchain: Use Cases and its effect on Law and Business.

Hosted at EY's offices at 8 Exhibition Street from 5pm to 7:30pm, this session will look at what blockchain is, and how it will impact the work of information security professionals and other industries.

The event is free to attend, and you are encouraged to register!

Trust in, and value from, information systems

03/10/2019

The Australian National University's recent Incident Report into the breach of their administrative system represents the first time a public institution in Australia has issued such a comprehensive account of a cyber attack.

The breach began with a spear-phishing attack which didn't require the target to click on any link - just previewing the email was enough to gain access to ANU's systems.

The report states that a legacy email system could be partly to blame, which highlight the importance of keeping applications updated and patched.

What other risk mitigations could ANU have used, and will we see similar transparent incident reports from public institutions going forward?

03/09/2019

Australian banks and credit unions will have their transactional systems secretly pe*******on tested to arrest deficiencies and stop fraud and abuse of institutional infrastructure plugged into to the New Payments Platform after two separate PayID data breaches.

NPP deploys ‘unilateral’ protections to harden network.

02/09/2019

Thanks to everyone who joined up to the Swinburne Information Security Society and ISACA Student Group in the lead up to our IGM last week.

The following committee has been elected to lead the group for 2019.
- President – Elliott Mann
- Vice-President - Manas Malaviya
- Secretary - Jorel Basangan
- Treasurer - Oscar Hernandez
- Promotions Officer - Gaurav Kararia
- Co-Events Manager - Yash Doshi
- Co-Events Manager - Juan Morales

We're really excited to get started and build the professional and academic profile of the Student Group both within Swinburne and in the broader Information Security Society!

02/09/2019

The Office of the Australian Information Commissioner has released the latest quarterly Notifiable Data Breach statistics.

Of particular note:
- About one in three data breaches last quarter were caused by compromised credentials.
- Malicious or criminal attacks were the largest source of data breaches in the quarter, accounting for 62 per cent of all data breaches.
- The majority of data breaches in the period involved the personal information of 100 individuals or fewer (62 per cent of data breaches).

Overall, the total of 245 data breaches reported is consistent with previous quarters. What work can be done to ensure a reduction in data breaches, and what refinements could be made to the Notifiable Data Breach regime to ensure that organizations are encouraged to stop data breaches to begin with?

National figures on data breaches show about one in three data breaches last quarter were caused by compromised credentials, with log in and password information used to gain unauthorised access to personal information.

28/08/2019

Our Initial General Meeting is starting at 5:30pm! Get down to Meeting Room 5 in the Library to meet everyone involved in the student group and vote in our inaugural committee.