Google Home Smart Speaker Wiretap vulnerability

Matt from downrightnifty.me recently released an article detailing how he discovered an interesting vulnerability in Google’s Home smart speaker. He discovered that you can link a Google account to a smart speaker without any authentication. The vulnerability...

Parental Control Apps Come Packaged with Malware

Parental control apps aren’t the answer to protecting your kids online, and there might be a hidden cost to using them. Researchers from the SEC Consult Vulnerability Lab recently discovered server vulnerabilities in popular parental control apps for the Android...

Cyber Attack on Australian Universities

Australia’s second-largest university in the state of Queensland, the Queensland University of Technology, has been hit with a ransomware attack. The malware is believed to be the newer Royal ransomware, and it is causing the university campus printers to spit...

Guardian Newspaper Hit by Ransomware Attack

The Guardian newspaper has self-reported that it has been hit by a serious IT incident, which it believes is a ransomware attack. The impact is mostly disruption to behind-the-scenes services, and they believe that online and print publishing is largely...

GitHub to require 2FA for all users by end of 2023

In a move to help strengthen the open-source third-party supply chain, GitHub will be mandating all users who contribute code on the platform to enable two-factor authentication by the end of 2023. This helps increase the security of the accounts by requiring an...

LastPass suffers second data breach this year

LastPass revealed that attackers had stolen customer vault data. Fortunately, the stolen vaults had been encrypted using the customer’s master key, which is never known to LastPass. However, the attackers might attempt to brute force the passwords to gain access...

Behind the scenes of Optus’s response to their data breach

The Australian Financial Review wrote an article providing a behind-the-scenes look at how the Optus data breach unfolded for the company and their CEO. This was the first of a number of major data breaches which eventually led to changes to the Australian Privacy...

End-to-end Encryption Coming to Gmail

Google recently announced that it will be adding end-to-end encryption to Gmail on the web for its Workspace users. Once enabled, it will ensure that any sensitive data delivered as part of the email’s body and attachments cannot be decrypted by Google. Users...

Malicious Cybersecurity SDK released to Developers

Threat actors have released a trojanised Python package pretending to be the legitimate SDK for the trusted cybersecurity firm SentinelOne. The malware offers the expected functionality, allowing easy access to the SentinelOne API. However, it has been trojanised to...