Do Your Applications Have a Software Bill of Materials (SBOM)?

Aug 13, 2024 | Articles, Podcast

“Oh, I didn’t realise we were exposed to <vulnerability> as I didn’t think that application was using <open-source-component>.” I often heard such comments during the initial stages of our application security uplift. There was a lack of visibility on what...

Background Check Company Data Breach Affecting Nearly 3 Billion People

Aug 12, 2024 | Podcast

https://mashable.com/article/background-check-company-breached-3-billion-affected A recent class action lawsuit alleges that background check company Jerico Pictures, operating under the name National Public Data, suffered a data breach earlier this year exposing the...

Hackers Poison Software Updates Through ISP Breach

Aug 8, 2024 | Podcast

StormBamboo Compromises ISP to Abuse Insecure Software Update Mechanisms A sophisticated hacking group, known as StormBamboo, has been caught red-handed deploying malware through a compromised internet service provider (ISP). Security researchers at Volexity uncovered...

Stack Exchange Used by Threat Actors to Promote Malicious Open Source Components

Aug 7, 2024 | Podcast

https://checkmarx.com/blog/stackexchange-abused-to-spread-malicious-python-package-that-drains-victims-crypto-wallets Cybersecurity researchers warn of a new malware campaign targeting cryptocurrency users. Hackers uploaded malicious Python packages to the PyPI...

Hackers Abuse Free Cloudflare Tunnels to deliver Remote Access Trojans

Aug 6, 2024 | Podcast

https://www.proofpoint.com/us/blog/threat-insight/threat-actor-abuses-cloudflare-tunnels-deliver-rats Cybersecurity researchers are warning of a new wave of malware attacks targeting law firms, financial institutions, and other businesses. The attacks leverage a...

Australia to Mandate Ransomware Payment Disclosure

Aug 5, 2024 | Podcast

https://www.abc.net.au/news/2024-07-30/cyber-ransom-payments-new-laws-before-parliament/104113038 Australia is set to introduce a new law requiring businesses to report ransom payments to the government. This mandatory disclosure aims to improve national cybersecurity...