Mar 11, 2025 | Podcast
https://www.bleepingcomputer.com/news/security/x-hit-by-massive-cyberattack-amid-dark-storms-ddos-claims/https://www.abc.net.au/news/2025-03-11/elon-musk-says-x-outages-result-of-cyber-attack/105035078 The hacktivist group Dark Storm has claimed responsibility for...
Mar 10, 2025 | Podcast
https://www.bleepingcomputer.com/news/security/critical-php-rce-vulnerability-mass-exploited-in-new-attacks A critical PHP remote code execution vulnerability, CVE-2024-4577, is being actively exploited in widespread attacks targeting Windows systems globally. The...
Mar 8, 2025 | Podcast
https://security.googleblog.com/2025/03/new-ai-powered-scam-detection-features.html Google has launched AI-powered scam detection features for Android devices, designed to protect users from conversational fraud. These features target scams that start innocently but...
Mar 7, 2025 | Podcast
https://www.sonarsource.com/blog/why-code-security-matters-even-in-hardened-environments A recent study demonstrates that even in hardened environments with read-only file systems, attackers can exploit file write vulnerabilities in Node.js applications to achieve...
Mar 6, 2025 | Podcast
https://socket.dev/blog/malicious-pypi-package-exploits-deezer-api-for-coordinated-music-piracy A PyPi package named ‘automslc,’ downloaded over 100,000 times since 2019, has been pirating music from the Deezer streaming service using hardcoded...
Mar 5, 2025 | Podcast
https://www.modat.io/post/doors-wide-open-critical-risks-in-ams A widespread security risk has been discovered involving misconfigured and exposed Access Management Systems (AMS) across numerous industries and countries. This exposure has resulted in hundreds of...
Mar 4, 2025 | Podcast
Let’s tackle something more fundamental: how to build security into your organization’s DNA. We’re talking about creating a security culture by design. Because here’s the truth – you can have the best tools, the strongest policies, and the most...
Mar 3, 2025 | Podcast
https://www.wsj.com/tech/cybersecurity/disney-employee-ai-tool-hacker-cyberattack-3700c931 A former Disney engineer, Matthew Van Andel, had his life turned upside down after downloading a seemingly harmless AI tool from GitHub. The software, intended for creating AI...
Feb 28, 2025 | Speaking
I just finished a guest lecture at UNSW for a second-year subject. It was fantastic to engage with such curious students, many of whom were eager to learn about the realities of working in cyber security. I hope I’ve inspired some of the next batch of cyber security...
Feb 28, 2025 | Podcast
https://www.bloomberg.com/news/articles/2025-02-21/apple-removes-end-to-end-encryption-feature-from-uk-after-backdoor-order Apple has removed its Advanced Data Protection (ADP) feature, which provides end-to-end encryption for iCloud data, for new users in the United...
