Medibank Breach Due to Rookie Mistake
In its half yearly report, Australian health insurer Medibank shared a brief outline of how Russian based attackers got access to personal details of all 9.7 million of its customers. The Medibank breach in 2022 is one of the largest in Australian history. Hackers...Worrying Upward Trend in Australian Data Breach Notifications
The Office of the Australian Information Commissioner (OAIC) has just published statistical information about notifications received under the Notifiable Data Breached (NDV) Scheme from 1 July to 31 December 2022. It had received 497 notifications, which is up 26%....GitHub Secret Scanning Now Free for Public Repositories
GitHub has recently announced that they have made secret scanning freely available for all public repositories hosted on their platform. GitHub’s secret scanning feature would alert repository owners of all leaked secrets that have been included in their...Critical Apple Bug Wipes Out Passkeys
Terence Kam has discovered a major implementation bug with Apple’s passkey. Passkey is Apple’s implementation of an industry standard designed to remove password for online authentication. This helps reduce the risks of account compromises because it...New Cyber Security Requirements for Australian Critical Infrastructure
Under a new Risk Management Protocol signed off my the Australian Minister for Home Affairs and Cybersecurity, board members on critical infrastructure organisations will be held culpable for failure to properly secure their assets. The organisations will have 18...
How Secure Is Your iPhone?
The Wall Street Journal has written an article that will challenge your belief on the security of your digital life. It reports on how a basic iPhone feature can allow criminals to steal your entire digital life. This basic feature is your pass code and the technique...Atlassian Suffered Data Breach Due to Exposed Employee Credentials
Atlassian recently suffered a data leak which affected thousands of employee records as well as the building floorplans for their Sydney and San Francisco offices. The employee records include email addresses, phone numbers and names. The threat actors gained entry to...NSA Best Practices for Securing Your Home Network
The NSA has released a cybersecurity information sheet on best practices for securing your home network. They provide recommendations for device security and for online behaviour. Some of those recommendations include upgrading and updating all equipment and software...