May 9, 2023 | Podcast
The ABC news recently interviewed the CEO of the Cyber Security Research Center on whether companies should consider paying ransom to hackers. Her view is that we should not as it normalised the criminal behaviour. She said that once you receive the ransomware note,...
May 8, 2023 | Podcast
The Australian federal government has announced that a standalone privacy commissioner will be appointed to deal with the growing threats to data security and to protect the personal information of millions of Australians. The federal Attorney-General had declared...
May 5, 2023 | Podcast
Google has started rolling out passkey support for Google Accounts across all services and platforms. Users using passkeys will be able to sign into their Google accounts without needing to enter a password or using 2-Step verification. The Passkeys are linked to each...
May 4, 2023 | Speaking
I had the privileged to be invited to speak at the DevSecOps Leadership Forum in Auckland. It rained heavily on the day but that didn’t deter the attendees, as it was still a full house at the event. I spoke about open source security, why we need to do more due...
May 4, 2023 | Podcast
Google recently announced that the lock icon that is used to indicate that the website connection is using https will be removed from the Chrome browser. They said that it is no longer needed as more than 99% of all web pages loaded on Chrome are over HTTPS. They also...
May 3, 2023 | Podcast
The macOS was once thought to be a highly secured operating system. We’re starting to see more malware designed specifically to target macs. Once such example is the new MacOS information stealing malware named Atomic. The malware is designed to steal keychain...
May 2, 2023 | Podcast
Experts from SANS have shared at RSA Conference what are the most dangerous forms of cyberattacks for 2023. The first is SEO-boosted attacks where attackers use SEO to boost the rankings of their malware-laden sites in order to send more victims their way. Next is...
May 1, 2023 | Podcast
Is End to End Encryption Good or Bad? There was the recent event where the new synchronisation feature to Google Authenticator was criticised by security researchers as not secure for use due to its lack of end to end encryption. Google responded the very next day...
Apr 28, 2023 | Podcast
GitHub recently announced that private vulnerability reporting is now generally available for enabling at scale. This functionality provides a way for security researchers to privately disclose security issues to the project’s maintainers without the risk of...
Apr 27, 2023 | Podcast
Yesterday I reported that the Google Authenticator app for Android and iOS added a data synchronisation feature. This is a long awaited feature, that help make it easier to manage one-time access codes (or OTP) across different devices and services. I also reported...
