Dec 26, 2022 | Podcast
LastPass revealed that attackers had stolen customer vault data. Fortunately the stolen vaults had been encrypted using the customer’s master key, which is never known to LastPass. However the attackers might attempt to brute force the passwords to gain access...
Dec 23, 2022 | Podcast
The Australian Financial Review wrote an article providing a behind the scenes look at how the Optus data breach unfolded for the company and their CEO. This was the first of a number of major data breaches which eventually lead to changes to the Australian Privacy...
Dec 22, 2022 | Podcast
Google recently announced that it will be adding end-to-end encryption to Gmail on the web for its workspace users. Once enabled, it will ensure that any sensitive data delivered as part of the email’s body and attachments cannot be decrypted by Google. Users...
Dec 21, 2022 | Podcast
Threat actors have released a trojanised python package pretending to be the legitimate SDK for the trusted cybersecurity firm SentinelOne. The malware offers the expected functionality, allowing easy access to the SentinelOne API. However it has been trojanised to...
Dec 20, 2022 | Podcast
A new phishing campaign is utilising facebook posts in its attack chain. This approach is used to trick victims into giving away their account credentials and personally identifiable information or PII. The post claims to be from facebook’s “Page...
Dec 19, 2022 | Podcast
ABC investigations uncovered a vulnerability in the MyGov and ATO systems which is being exploited to defraud taxpayers. It’s a loophole which no amount of careful management of your online activity can prevent. The vulnerability allows the fraudster to create a...
