TAFE South Australia Suffers Data Breach

Apr 25, 2023 | Podcast

TAFE South Australia has revealed that it has suffered a data breach. 2,224 student identification records were impacted. The identification forms include driver’s licenses and passports used for enrolments prior to 2021. The organisation were first notified of...

Unmaintained WordPress Plugin Used to Compromise Website

Apr 24, 2023 | Podcast

Attackers are using the abandoned WordPress plugin, Eval PHP, to compromised websites by injecting stealthy backdoors. Eval PHP is an old legitimate WordPress plugin that allows site admins to embed executable PHP code on their website pages and posts. The plugin has...

5 Steps for Securing Your Software Supply Chain

Apr 21, 2023 | Articles, Podcast, Posts

RSA Conference just published an article that I’ve written on the 5 steps for securing your software supply chain. Most modern applications are assembled from open source components with developers typically writing less than 15% of the code for their...

March 2023 Broke Ransomware Attack Records

Apr 20, 2023 | Podcast

March 2023 has been the most prolific month recorded by cybersecurity analysts, with 459 recorded ransomware. This is up 91% from the previous month. According to NCC group, the reason for the record-breaking attack is due to a zero-day vulnerability in Fortra’s...

Australians Scam Losses in 2022 increased by 80%

Apr 19, 2023 | Podcast

The Australian Competition & Consumer Commission (ACCC) says Australians lost a record $3.1 billion to scams in 2022. This is an 80% increase over the total losses recorded in 2021. Investment scams accounted for the most losses, at $1.5 billion. This is followed...

Chatting with a Hacker

Apr 18, 2023 | Podcast

Four corners from the ABC news just published an article about their conversation with one of the hackers who’s worked for the cyber criminal gangs behind some of Australia’s largest data breaches. When asked whether he see Australia as an attractive...

Google Chrome Security Update for Zero-Day Vulnerability

Apr 17, 2023 | Podcast

Google has just released an emergency Chrome security update to address a zero-day vulnerability. The vulnerability is assigned CVE-2023-2033 and is a type confusion weakness in the Chrome JavaScript Engine. It affects the Chrome browser on Windows, Mac and Linux. The...

Security Headers to Secure Your Web Application

Apr 14, 2023 | Podcast

With web applications being a target of numerous cyber attacks, the SANS Internet Storm Center has released an article sharing the three must have security HTTP headers for controlling many easily preventable vulnerabilities. The first is HTTP Strict Transport...

Tasmanian Government Suffers Data Breach

Apr 13, 2023 | Podcast

The Tasmanian state government has recently suffered a data breach. The hackers targeted a third-party transfer software used by the Tasmanian Department of Education, Children and Young People. Initially the Science and Technology Minister said that it appeared that...