Secure Website Lock Icon to Be Removed From Chrome

May 4, 2023 | Podcast

Google recently announced that the lock icon that is used to indicate that the website connection is using https will be removed from the Chrome browser. They said that it is no longer needed as more than 99% of all web pages loaded on Chrome are over HTTPS. They also...

MacOS Targeted by Malware

May 3, 2023 | Podcast

The macOS was once thought to be a highly secured operating system. We’re starting to see more malware designed specifically to target macs. Once such example is the new MacOS information stealing malware named Atomic. The malware is designed to steal keychain...

Top 5 Most Dangerous New Cyberattacks for 2023

May 2, 2023 | Podcast

Experts from SANS have shared at RSA Conference what are the most dangerous forms of cyberattacks for 2023. The first is SEO-boosted attacks where attackers use SEO to boost the rankings of their malware-laden sites in order to send more victims their way. Next is...

Is End to End Encryption Good or Bad?

May 1, 2023 | Podcast

Is End to End Encryption Good or Bad? There was the recent event where the new synchronisation feature to Google Authenticator was criticised by security researchers as not secure for use due to its lack of end to end encryption. Google responded the very next day...

Enable GitHub Private Vulnerability Reporting at Scale

Apr 28, 2023 | Podcast

GitHub recently announced that private vulnerability reporting is now generally available for enabling at scale. This functionality provides a way for security researchers to privately disclose security issues to the project’s maintainers without the risk of...

Google Authenticator to Get End to End Encryption Following Security Concerns

Apr 27, 2023 | Podcast

Yesterday I reported that the Google Authenticator app for Android and iOS added a data synchronisation feature. This is a long awaited feature, that help make it easier to manage one-time access codes (or OTP) across different devices and services. I also reported...

Google Authenticator Now Synchronises to the Cloud. Should You Enable It?

Apr 26, 2023 | Podcast

Google has just added a synchronisation feature to its two-factor authentication app for Android and iOS. The Google Authenticator app can backup one-time access codes (or OTP) into your Google account, making it easier to manage and use the codes across different...

TAFE South Australia Suffers Data Breach

Apr 25, 2023 | Podcast

TAFE South Australia has revealed that it has suffered a data breach. 2,224 student identification records were impacted. The identification forms include driver’s licenses and passports used for enrolments prior to 2021. The organisation were first notified of...

Unmaintained WordPress Plugin Used to Compromise Website

Apr 24, 2023 | Podcast

Attackers are using the abandoned WordPress plugin, Eval PHP, to compromised websites by injecting stealthy backdoors. Eval PHP is an old legitimate WordPress plugin that allows site admins to embed executable PHP code on their website pages and posts. The plugin has...

5 Steps for Securing Your Software Supply Chain

Apr 21, 2023 | Articles, Podcast, Posts

RSA Conference just published an article that I’ve written on the 5 steps for securing your software supply chain. Most modern applications are assembled from open source components with developers typically writing less than 15% of the code for their...