Blogs and Latest News

Boards With Vulnerable Cybersecurity Systems Targeted By ASIC

Cybersecurity remains a paramount concern for boards and companies. It exerts a significant influence on the Australian business landscape. Recently, at the AFR Cyber Summit, insights from key figures like Clare O’Neil, Minister for Home Affairs and Cyber Security, and...

Continue Reading  

Red and Blue Teams of the NSA and CISA Shared Top Ten Cybersecurity Misconfigurations

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have collaborated to issue a joint cybersecurity advisory (CSA). Its purpose is to shed light on prevalent cybersecurity misconfigurations found in large organisations. The advisory also outlines...

Continue Reading  

The Rising Threat Perception of Deep Fakes

Deepfakes are a prime example of the emergence of synthetic media, which poses a growing challenge for users of modern technology and communication platforms. These include organisations like National Security Systems (NSS), the Department of Defence (DoD), the Defence Industrial...

Continue Reading  

Analysis Report on Infamous Chisel Malware

In the present-day conflict, cyberwarfare has become a force to reckon with. It is much more in evidence in the Russian-Ukraine war, where cybersecurity agencies of five countries have found a new malware called the Infamous Chisel. The new mobile...

Continue Reading  

Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475 Across Nations

A number of cybersecurity and other agencies have identified indicators of compromise at an Aeronautical Sector organization in January 2023. These organisations include the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, and the Cyber National Mission Force....

Continue Reading  

Donor Information from Multiple Charities Leaked onto the Dark Web

Cybercriminals are on the prowl. In April 2023, they hacked Pareto Phone, a Brisbane-based telemarketing company that contacts potential donors for charities. This hacking led to information about thousands of potential donors being leaked onto the dark web and affecting...

Continue Reading  

Top Vulnerabilities Exploited By Cybercriminals

The year 2022 saw cybercriminals targeting unpatched, internet-facing systems and older software vulnerabilities. The criminals seem to have exploited the publicly available Proof of Concept (PoC) code. The success of such actors appears to be more in exploiting known vulnerabilities...

Continue Reading  

More Than $557 Million Claimed By Fraudsters—ATO Reveals

The month of July is taxation time for Australians as they log into their myGov account to file tax returns. The expectations of millions of Australians about their myGov account are that it will safeguard their information. But alas! The...

Continue Reading  

Ivanti EPMM Vulnerabilities Exploited By Threat Actors

It has been reported that Ivanti EPMM vulnerabilities such as CVE-2023-35078 and CVE-2023-356081 are exploited by threat actors to gain access to sensitive personal and business information. In fact, Advanced persistent threat actors exploited such vulnerabilities from April 2023 through...

Continue Reading  

How Can Businesses Prevent Web Application Access Control Abuse

Beware! Developers, designers, vendors, and end-user organisations using web applications. This is because web applications have been found to have vulnerabilities called IDOR, or Insecure Direct Object Reference. These are access control vulnerabilities that enable malicious actors to do a...

Continue Reading