Enable GitHub Private Vulnerability Reporting at Scale

Apr 28, 2023 | Podcast

GitHub recently announced that private vulnerability reporting is now generally available for enabling at scale. This functionality provides a way for security researchers to privately disclose security issues to the project’s maintainers without the risk of...

Google Authenticator to Get End to End Encryption Following Security Concerns

Apr 27, 2023 | Podcast

Yesterday I reported that the Google Authenticator app for Android and iOS added a data synchronisation feature. This is a long awaited feature, that help make it easier to manage one-time access codes (or OTP) across different devices and services. I also reported...

Google Authenticator Now Synchronises to the Cloud. Should You Enable It?

Apr 26, 2023 | Podcast

Google has just added a synchronisation feature to its two-factor authentication app for Android and iOS. The Google Authenticator app can backup one-time access codes (or OTP) into your Google account, making it easier to manage and use the codes across different...

TAFE South Australia Suffers Data Breach

Apr 25, 2023 | Podcast

TAFE South Australia has revealed that it has suffered a data breach. 2,224 student identification records were impacted. The identification forms include driver’s licenses and passports used for enrolments prior to 2021. The organisation were first notified of...

Unmaintained WordPress Plugin Used to Compromise Website

Apr 24, 2023 | Podcast

Attackers are using the abandoned WordPress plugin, Eval PHP, to compromised websites by injecting stealthy backdoors. Eval PHP is an old legitimate WordPress plugin that allows site admins to embed executable PHP code on their website pages and posts. The plugin has...

5 Steps for Securing Your Software Supply Chain

Apr 21, 2023 | Articles, Podcast, Posts

RSA Conference just published an article that I’ve written on the 5 steps for securing your software supply chain. Most modern applications are assembled from open source components with developers typically writing less than 15% of the code for their...