Cyber Security News & Current Events

Like all areas of business this year, it’s important for organisations to get up-to-date information about the current state of ongoing cyber threats in the wake of changes due to …

By now we’re all aware that COVID-19 has changed the way we work. Organisations have had to adjust their ICT environments to accommodate the mandated work-from-home requirements, and these adjustments …

For many businesses who transact online, the holiday season brings with it an increased spend from consumers. For some, it’s their peak earning point of the year. Unfortunately, this increase …

Background The public figure Twitter account hijacking extends well past social media and has many parallels to business and enterprise systems. Whenever there is a breach, it should be review …

Traditional authentication schemes see users needing to create, and remember, separate login details for each service or system they use. With the average organisation using over 1000 distinct cloud services, …

The COVID-19 pandemic, and the ever-increasing number of employees shifting to remote work has seen explosive growth for Zoom’s platform. This growth has come with heavy scrutiny of Zoom’s security …

The handy folk at Sumo Logic, behind the multipurpose security analytics tool, have used published data to present and dissect near real time data of COVID-19 spread. Data is broken …

Seen above is real source code we got access to in a recent web application penetration test by exploiting security vulnerabilities caused by poor secure coding practice. While inspecting source …

It seems that every other week, someone is touting a new solution to cyber security. They tell you that all we need to do is install our boldly coloured box …

Although cybersecurity insurance can appear attractive, it is important that businesses understand it cannot feasibly serve as a replacement for threat mitigation. The majority of cyber threats are avoided by …

Overview Injection vulnerabilities are the most common result of mixing user input with system control. An injection vulnerability can have catastrophic results for a system, potentially leading to a full …

On the 22nd of February 2018, the Notifiable Data Breach (NDB) scheme came into effect for all organisations with personal information security obligations under the Australian Privacy Act. Since this …

The information security framework for the Australian Government is driven by two main documents: the Protective Security Policy Framework (PSPF) owned by the Attorney-General’s Department, and the Information Security Manual …

This weekend's Formula 1 Grand Prix has an unlikely parallel to the cyber security industry. You see, Formula 1 is a precisely engineered environment, where suspension load is modelled across …

In Part 2, the importance of a well-maintained and well-structured hardware and software inventory and the benefits of vulnerability management was explained. The next step in the process of getting …

As high-profile breaches produce increasing public attention, effective information security is more important than ever. Cyber incidents have a potential impact comparable to natural disasters. It is increasingly insufficient for …

Every information security framework and “best practice” guide to cyber security states that you need “management buy-in”, but why is it important and what does it look like? Management buy-in …

What Brush Turkeys Have Taught Me About Information Security It is that time of year again when a male brush turkey has made my backyard his home, tearing apart vegetation …

As information security has become more important across organisations, so has the role of an information security leader within organisations. As an information security leader in an organisation, several questions …

In part 1, the importance of knowing your system was discussed, in this article, the importance of properly managing and auditing these assets will be discussed. Proper management of ICT …