Iron Bastion Security Blog

Ramblings of Australia’s phishing and cybersecurity experts

Two Innovative Ways to Combat Ransomware

Two Innovative Ways to Combat Ransomware

We all know the seven traditional steps to fight ransomware, but are they still holding up? Also, how do they scale in the cloud? In the following article, we briefly look at the infrastructure as code and the zero-trust models and how your ransomware strategy can benefit from them. Infrastructure

Emerging Ransomware Trends in 2022

Emerging Ransomware Trends in 2022

The new year brings new operating models, highly targeted attacks, and additional battlegrounds into the ransomware business.

A Guide to Open-Source Software Security Risks & Best Practices

A Guide to Open-Source Software Security Risks & Best Practices

Community-developed software applications can lower costs and increase productivity within any business. However, is open-source software secure?

3 Cyber Security Tips for Small Business Owners

3 Cyber Security Tips for Small Business Owners

How to keep your small business secure from cyber attacks? With the following three simple measures, you can quickly improve the risk profile of your company.

4 Business Benefits of Professional Email Services for SMBs

4 Business Benefits of Professional Email Services for SMBs

How can your business benefit from Office 365 and G Suite? Here's how to get more things done with the free add-ons, and protect your business with the security features.

ESET's Guide to Small Business Cybersecurity

ESET's Guide to Small Business Cybersecurity

Make sure your small business is safe from cyberattacks with these 6 simple cybersecurity tips from ESET to keep your data, staff, and customers protected.

5 Benefits of Managed Email Hosting Services for Small Business

5 Benefits of Managed Email Hosting Services for Small Business

In a competitive environment, it is essential to maintain a professional image to your customers, suppliers, and even to your competition. Our latest article features the main benefits of having an IT provider manage your email service.

The 4 Deadly Technology Sins of a Small Business

The 4 Deadly Technology Sins of a Small Business

Why is it so that SMBs are so vulnerable to technology issues? We explain what the leading IT and cybersecurity risks of any small business are, and how a managed IT services provider can help business owners address them.

5 Reasons Why Your Small Business Should Outsource IT

5 Reasons Why Your Small Business Should Outsource IT

IT outsourcing is an ever-increasing practice within the professional services sector. If your business is spending too much on managing email accounts, servers, printers, and telephones, it is time to consider getting external help from the professionals.

Owning Your Legal Practice's Cybersecurity – MSPs and You

Owning Your Legal Practice's Cybersecurity – MSPs and You

Law practices should be aware of the cyber risks associated with IT, as a security breach involve financial and reputational damages, and legal liabilities. Read what the six questions are that every legal professional should ask from their managed IT services provider to avoid a data breach.

Together for a better internet on Safer Internet Day

Together for a better internet on Safer Internet Day

Iron Bastion is supporting Safer Internet Day and we encourage you to join in! Safer Internet Day is an opportunity to raise awareness about the safe and positive use of digital technology, and to explore the role we can all play in creating a better and safer internet in our community.

How to Run Effective Security Awareness Training for your Organisation

How to Run Effective Security Awareness Training for your Organisation

Ever wondered how you can deliver security awareness training to staff in your organisation that they will love? In this article, we reveal the techniques we find useful in our training sessions.

Preventing Business Email Compromise Fraud at Your Business

Preventing Business Email Compromise Fraud at Your Business

What can business owners do to protect their organisation from Business Email Compromise fraud? Download our slide deck from the ISACA event to find it out.

What Phishing Campaigns Have in Common with the Cocos Islands?

What Phishing Campaigns Have in Common with the Cocos Islands?

Phishing is one of the main reasons why Australian businesses are getting hacked. What has an exotic paradise in the middle of the Indian Ocean to do with cyber crime? Iron Bastion experts explain how Cocos (Keeling) Islands enables criminals to defraud organisations and individuals worldwide.

Your Definitive Guide to Information Security Conferences in 2019

Your Definitive Guide to Information Security Conferences in 2019

Are you a hacker or an information security professional looking for conferences down under? Our non-comprehensive list features the major cyber events Australia has to offer in 2019.

Phishing Is the Top Reason Behind Australian Data Breaches

Phishing Is the Top Reason Behind Australian Data Breaches

The latest Notifiable Data Breaches Quarterly Statistics Report confirms that Australian legal practices are at risk of cybercrime with phishing as the main threat.

Defending Your Organisation in the Age of Phishing with Training Courses and Technology

Defending Your Organisation in the Age of Phishing with Training Courses and Technology

Phishing attacks are the cause of over 90% of data breaches in Australia. This article explains how businesses can combat phishing with the combination of information security awareness and anti-phishing technologies.

Don't Be the Next Business to Fall Victim to a Data Breach

Don't Be the Next Business to Fall Victim to a Data Breach

Ninety per cent of data breaches begins with a phishing attack and email scams cost Australian businesses $22 million a year. But what is phishing and how does it differ from spam?

Professional Help Needed for Law Firms Still Vulnerable to Phishing Attacks

Professional Help Needed for Law Firms Still Vulnerable to Phishing Attacks

Many of the leading law firms are failing set-up the anti-phishing solution correctly at their end, leaving them open to cyberattacks including phishing, payment redirection fraud and Business Email Compromise (BEC) fraud – our latest report can reveal.

Setting Up an Email Server for the Direct Email Spooling Attack (How-to Guide)

Setting Up an Email Server for the Direct Email Spooling Attack (How-to Guide)

This how-to guide aims to demonstrate how easy it is to circumvent expensive email security solutions with simple open-source tools. Email administrators can also follow this guide to build their email delivery service for email direct spool attack security assessments.

Discovering Hidden Email Gateways with OSINT Techniques

Discovering Hidden Email Gateways with OSINT Techniques

In this article, we elaborate how we managed to identify hidden internal email servers by relying on various open-source intelligence (OSINT) data sources for our direct email spool attack research.

How to Evade Expensive Phishing Filters with One Simple Trick

How to Evade Expensive Phishing Filters with One Simple Trick

One in three Australian law firms are susceptible to a cyber threat called “direct email spool attack”, our report can reveal. This attack technique bypasses expensive email security solutions, rendering them completely useless and exposing the affected organisations to cybercrime.

Five Ways to Identify Phishing Emails

Five Ways to Identify Phishing Emails

As phishing emails come in different shapes and formats, there is no silver bullet to identify a phishing email. However, there is a collection of red flags you should be looking for before clicking on a new message. Here is our up-to-date guide to help you recognise the latest email-based scams.

Why multi-factor authentication on the PEXA platform leaves security concerns?

Why multi-factor authentication on the PEXA platform leaves security concerns?

PEXA introduces multi-factor authentication to combat payment redirection fraud but leaves security concerns due to SIM swapping attacks.

PEXA Introduces Multi-Factor Authentication but More Guidance Needed

PEXA Introduces Multi-Factor Authentication but More Guidance Needed

Iron Bastion cybersecurity experts see a problem with PEXA offering the SMS option given how easy it is for hackers to hijack SMS messages.