Patch Your Firefox Browser

Patch your Firefox browser. Security advisories have just been released for Mozilla Firefox about a number of vulnerabilities that could allow for arbitrary code execution. Some of those security issues include Firefox for Android may open third-party apps without a...

GitHub Rolling Out Mandatory 2FA from This Week

GitHub has begun a gradual rollout of requiring active developers to enable two-factor authentication on their accounts. This is part of the company’s move towards securing the supply chain by moving away from basic password-based authentication. In addition to...

Brute Force Attacks Against Popular Web Services

Researchers at Palo Alto Networks have spotted brute-force botnet malware that is targeting web servers running phpMyAdmin, MySQL, FTP and Postgres services. The Golang-based botnet will attempt to brute force accounts with weak or default passwords. Once it has...

Optus Breach Due to Skilled Cyber Criminal

The Sydney Morning Herald has reported that the chief executive of Optus has maintained that the cyberattack on her organisation in September last year was perpetrated by a skilled cybercriminal. She said that the attacker had knowledge of Optus’ systems and cycled...

Top 10 Open Source Software Risks of 2023

Endor Labs, in collaboration with 20 CISOs and technology veterans, has identified the top 10 open source risks of 2023. They are: 1. Known vulnerabilities. – Where developers accidentally introduce a component that contains vulnerable code 2. Compromise of...

Android March Updates Address Two Critical Vulnerabilities

Google has released its March 2023 security updates for Android. The update addresses 60 flaws including two critical-severity remote code execution vulnerabilities. The two flaws are tracked as CVE-2023-20951 and CVE-2023-20954. Google is currently withholding...

Typo Squatting Campaign to Steal Crypto

Over 450 malicious Python packages were discovered to use typosquatting to steal crypto. The threat actor is using between 13 and 38 typosquatting versions for popular packages to cover a broad range of mistakes that would result in downloading the malicious package....

Medibank Breach Due to Rookie Mistake

In its half-yearly report, Australian health insurer Medibank shared a brief outline of how Russian-based attackers got access to personal details of all 9.7 million of its customers. The Medibank breach in 2022 is one of the largest in Australian history. Hackers...

Worrying Upward Trend in Australian Data Breach Notifications

The Office of the Australian Information Commissioner (OAIC) has just published statistical information about notifications received under the Notifiable Data Breaches (NDB) scheme from 1 July to 31 December 2022. It had received 497 notifications, which is up 26%....

GitHub Secret Scanning Now Free for Public Repositories

GitHub has recently announced that they have made secret scanning freely available for all public repositories hosted on their platform. GitHub’s secret scanning feature would alert repository owners of all leaked secrets that have been included in their...