May 4, 2023 | Speaking
I had the privilege of being invited to speak at the DevSecOps Leadership Forum in Auckland. It rained heavily on the day but that didn’t deter the attendees, as it was still a full house at the event. I spoke about open source security, why we need to do more due...
May 4, 2023 | Podcast
Google recently announced that the lock icon used to indicate that a website connection is using HTTPS will be removed from the Chrome browser. They said that it is no longer needed as more than 99% of all web pages loaded on Chrome are over HTTPS. They also...
May 3, 2023 | Podcast
macOS was once thought to be a highly secure operating system. We’re starting to see more malware designed specifically to target Macs. One such example is the new macOS information-stealing malware named Atomic. The malware is designed to steal keychain...
May 2, 2023 | Podcast
Experts from SANS have shared at RSA Conference the most dangerous forms of cyberattacks for 2023. The first is SEO-boosted attacks, where attackers use SEO to boost the rankings of their malware-laden sites in order to send more victims their way. Next is...
May 1, 2023 | Podcast
Is End-to-End Encryption Good or Bad? Recently, the new synchronisation feature in Google Authenticator was criticised by security researchers as not secure for use due to its lack of end-to-end encryption. Google responded the very next day...
Apr 28, 2023 | Podcast
GitHub recently announced that private vulnerability reporting is now generally available for enabling at scale. This functionality provides a way for security researchers to privately disclose security issues to the project’s maintainers without the risk of...
Apr 27, 2023 | Podcast
Yesterday I reported that the Google Authenticator app for Android and iOS added a data synchronisation feature. This is a long-awaited feature that helps make it easier to manage one-time access codes (or OTP) across different devices and services. I also reported...
Apr 26, 2023 | Podcast
Google has just added a synchronisation feature to its two-factor authentication app for Android and iOS. The Google Authenticator app can back up one-time access codes (or OTP) into your Google account, making it easier to manage and use the codes across different...
Apr 25, 2023 | Podcast
TAFE South Australia has revealed that it has suffered a data breach. 2,224 student identification records were impacted. The identification forms include driver’s licenses and passports used for enrolments prior to 2021. The organisation was first notified of...
Apr 24, 2023 | Podcast
Attackers are using the abandoned WordPress plugin, Eval PHP, to compromise websites by injecting stealthy backdoors. Eval PHP is an old legitimate WordPress plugin that allows site admins to embed executable PHP code on their website pages and posts. The plugin has...