Spyware in Google Play Store Stealing Users’ Data

Jul 11, 2023 | Podcast

Security researchers have discovered two spyware in the Google Play Store that have been installed by up to 1.5 million users. Both apps are from the same publisher and pose as file management applications. They have similar malicious behaviours such as launching...

Mastodon Addresses TootRoot Hijacking Vulnerability

Jul 10, 2023 | Podcast

Mastodon, the free and open-source software for running self-hosted social networking services, had recently patched four vulnerabilities. One of those vulnerabilities is the TootRoot vulnerability which has a critical severity rating and is tracked as CVE-2023-36460....
Guest on Secure by Galah Cyber Podcast

Guest on Secure by Galah Cyber Podcast

Jul 7, 2023 | Podcast, Posts, Speaking

I had the privilege to be Cole Cornford’s guest on his Secure by Galah Cyber Podcast. He starts of by asking which bird I’m most like and why. I said that I’m an owl as everyone in security should be doing lots of listening and watching. It’s...

Proof of Concept Program for Microsoft Teams Malware Delivery

Jul 7, 2023 | Podcast

A proof-of-concept program has been recently published that exploits an unresolved security vulnerability in Microsoft Teams. The program, which was released by the U.S Navy’s red team allows the bypass of Microsoft Teams file sending restraints to deliver...

CWE Top 25 Most Dangerous Software Weaknesses

Jul 6, 2023 | Podcast

Mitre has recently released their CWE Top 25 Most Dangerous Software Weaknesses list for 2023. CWE stands for Common Weakness Enumeration and this list demonstrates the currently most common and impactful software weaknesses. They are often easy to find and exploit by...