Proof of Concept Program for Microsoft Teams Malware Delivery

A proof-of-concept program has been recently published that exploits an unresolved security vulnerability in Microsoft Teams. The program, which was released by the U.S Navy’s red team allows the bypass of Microsoft Teams file sending restraints to deliver...

CWE Top 25 Most Dangerous Software Weaknesses

Mitre has recently released their CWE Top 25 Most Dangerous Software Weaknesses list for 2023. CWE stands for Common Weakness Enumeration and this list demonstrates the currently most common and impactful software weaknesses. They are often easy to find and exploit by...

How Not To Do A Force Password Reset

A high school in Illinois recently demonstrated how not to do a force password reset. Oak Park and River Forest High School was doing a cybersecurity audit when they mistakenly reset everyone’s password. This prevented the students from being able to log into...

Stalkerware App Suffers Data Breach

It’s bad enough when apps you use suffers a data breach, its worse when apps you didn’t know you have gets breached. Android stalkerware app, LetMeSpy had suffered a data breach resulting from a security incident on June 21. The app is used to spy or stalk...

Proton Launches Password Manager with Email Aliases

Everyone deserves privacy by default. That’s Proton’s slogan. Famously known for their encrypted and private email service, proton mail, the company had expanded to other secure and privacy focused services like VPN, calendar and cloud storage. This week,...

Super Mario 3: Malware Edition

Super Mario 3: Mario Forever is a free to play remake of the classic Nintendo game which was released in 2003. Playing as either Mario or Luigi, you’re running around the Mushroom Kingdom, jumping across platforms and atop of enemies on your way to rescue the...

APRA takes action against Medibank for data breach

The Australian Prudential and Regulation Authority (APRA) has imposed an extra $250m requirement in Medibank’s capital adequacy requirement. Medibank Private, a health insurance provider, suffered a data breach in October 2022 which resulted in the compromise of...

Australia’s First Cyber Security Coordinator Announced

The Australian Federal Cabinet signed off on the appointment of the government’s first co-ordinator of cybersecurity. Following the major cyber-attacks against Optus and Medibank, the Home Affairs Minister had raised concerns that there was no functional cyber...