Archives

Navigating the 2024 Cyber Threat Landscape: Insights from ASD’s Annual Report

The ASD’s 2024 Cyber Threat Report has been released and the results are sobering. State-sponsored espionage, cyber-crime leveraging artificial intelligence, the report highlights a universal truth: cyber threats will continue to evolve and become more complex. As organisations across Australia digest these findings, the challenge lies not only in understanding the threats but also in […]

Cyber Security Awareness Month Wrap-Up: 4 Steps to Strengthen Your Defence

Cyber security Essentials: The Four Steps Every Organisation Should Take Now that cyber security Awareness Month has come to an end, it’s worth reflecting on the steps we can take to protect our organisations from cyber threats. This year, the Australian Signals Directorate (ASD) highlighted four essential actions that, while simple, can dramatically increase cyber […]

Zero-Day Exploit in Internet Shortcuts: What You Need to Know about CVE-2024-38112

The APT group known as Void Banshee has been conducting spear phishing campaigns at a near global level for several months. The group has been making use of a zero-day exploit found in the rendering engine for Internet Explorer, known as Trident. The final payload for the attack is the Atlantida Stealer malware. This malware […]

The Risks of Excessive Admin Privileges

The Risks of Excessive Admin Privileges In any business, especially SMEs, admin privileges are crucial for managing IT systems. However, when too many people have these privileges or they’re not managed well, it can spell trouble. Let’s examine the potential consequences of excessive admin privileges and ways to mitigate the impact of compromised admin accounts. […]

Essential Eight and Non-Windows Devices

Introduction Cybersecurity isn’t just a Windows-world concern; it’s a universal necessity. Originally tailored for Windows environments, the Essential Eight framework is a set of strategies designed to harden systems against attacks. But what about Mac, Linux, or other operating systems that also face significant security threats? Join us as we explore how the universally relevant […]

Critical SSH Vulnerability (CVE-2024-3094): A Sophisticated Supply Chain Attack

On March 29th, 2024, a shocking revelation by Microsoft software engineer Andres Freund exposed a years-long plot within the open-source community. A malicious actor had successfully planted a backdoor into SSH, earning this vulnerability a critical CVSS score of 10. The backdoor could allow attackers to bypass authentication and execute code remotely on infected systems. […]

Insure Your Security: Protect Against Cyber Risks

The Cost of Non-Compliance: How Cybersecurity Practices Impact Insurance In today’s hyper-connected digital world, the importance of cybersecurity cannot be overstated. With cyber threats evolving at an unprecedented pace, organisations across all industries and sectors are increasingly vulnerable to attacks that can disrupt operations, compromise sensitive data, and inflict significant financial losses. In response, many […]

The Necessity for Suppliers to Adopt the Essential Eight

Suppliers are an integral part of an organisation’s operations and often have access to sensitive information or critical infrastructure. Here are detailed reasons why it’s essential for suppliers to implement the Essential Eight framework: Supply Chain Security: The security of an organisation is only as strong as its weakest link. Suppliers with inadequate cybersecurity measures […]

Copyright © 2023 · All Rights Reserved