Blog

  • Critical SSH Vulnerability (CVE-2024-3094): A Sophisticated Supply Chain Attack

    Critical SSH Vulnerability (CVE-2024-3094): A Sophisticated Supply Chain Attack

    On March 29th, 2024, a shocking revelation by Microsoft software engineer Andres Freund exposed a years-long plot within the open-source community. A malicious actor had successfully planted a backdoor into SSH, earning this vulnerability a critical CVSS score of 10. The backdoor could allow attackers to bypass authentication and execute code remotely on infected systems.…

    Continue Reading

  • Insure Your Security: Protect Against Cyber Risks

    Insure Your Security: Protect Against Cyber Risks

    The Cost of Non-Compliance: How Cybersecurity Practices Impact Insurance In today’s hyper-connected digital world, the importance of cybersecurity cannot be overstated. With cyber threats evolving at an unprecedented pace, organisations across all industries and sectors are increasingly vulnerable to attacks that can disrupt operations, compromise sensitive data, and inflict significant financial losses. In response, many…

    Continue Reading

  • The Necessity for Suppliers to Adopt the Essential Eight

    The Necessity for Suppliers to Adopt the Essential Eight

    Suppliers are an integral part of an organisation’s operations and often have access to sensitive information or critical infrastructure. Here are detailed reasons why it’s essential for suppliers to implement the Essential Eight framework: Implementing the Essential Eight Across the Supply Chain To effectively implement the Essential Eight across the supply chain, organisations should take…

    Continue Reading

  • Older Applications and the MFA Gap

    Older Applications and the MFA Gap

    Older applications, built with outdated technology frameworks, are relics of a past time when cybersecurity factors were very different from today or even not present at all.  These applications from the past were forged in an age when security was but an afterthought, their foundations laid without the foresight of today’s modern security paradigms. Consequently,…

    Continue Reading

  • The Essential Eight: A Comprehensive Framework for Cybersecurity Excellence

    The Essential Eight: A Comprehensive Framework for Cybersecurity Excellence

    In an era marked by ever increasing and more frequent cyber threats, the Essential Eight framework gives clarity and efficacy, offering organisations a carefully crafted set of strategies that prioritise simplicity, standardisation, ease of use, familiarity, and the crucial balance between protection and business continuity. The Essential Eight is a framework for cybersecurity that offers…

    Continue Reading

  • WHAT is VOLT TYPHOON?

    WHAT is VOLT TYPHOON?

    The more correct question is WHO is Volt Typhoon? Volt Typhoon is a state-supported Chinese cyber operation. As detailed in an advisory released 8 Feb 2024, the ACSC reported that Volt Typhoon has compromised thousands of internet-connected devices as part of a larger effort to infiltrate western critical infrastructure, including naval ports, internet service providers, communications…

    Continue Reading

  • Striking the right balance between Artificial Intelligence and Cyber Security 

    Striking the right balance between Artificial Intelligence and Cyber Security 

    AI is taking us on an incredible journey where every day feels like we’re stepping into a sci-fi movie. This journey is certainly helping organisations optimise themselves and to move forward faster – however there needs to be the right balance between the freedom of AI, and reducing the risk of opening cyber security cracks.…

    Continue Reading

  • Essential Eight Assessment Tools

    Essential Eight Assessment Tools

    Using a tool for Essential Eight assessments has several advantages over manual human assessment, and not just because it’s cost effective. The Australian Cyber Security Centre outlines five good reasons to use a tool: However, it’s important to note that tools should be used in conjunction with human judgement and expertise for the best results. While…

    Continue Reading