Cyber Security News & Current Events

The Problem It seems like every other day there is a public announcement of a compromise involving unauthorised access to Microsoft 365. Privately, we are called in more often than …

Today we Investigate CVE-2024-3094, a vulnerability discovered by developer Andres Freund while dissecting SSH performance failures. If gone undetected, this vulnerability could have led to a global cyber outbreak. In …

The statistics provided in the Australian Signals Directorate Cyber Threat Report paint a bleak picture of the cybersecurity landscape in Australia with the average cost of an incident and the …

The Optus PII breach has been the subject of many conversations the past week or so - at the technical level all the way through to advising boards on what …

After a lengthy traverse through the various stages of parliament, the final updates to the Security Legislation Amendment of the Critical Infrastructure Protection Act (SLACIP) passed at the end of …

It's that time of year when the team over at Mimecast releases their much-anticipated State of Email Security report. Covering data that spans the entirety of 2021, the report surveyed …

News came to light recently from a threat actor group that authentication provider Okta had been compromised by one of their members. Okta later confirmed this, saying that an account …

As security teams assess the key vulnerabilities of their IT infrastructures, growing attention is being placed on cyber supply chains. Attacks, such as the high-profile SolarWinds incident, occur when cybercriminals …

If you're not yet familiar with the ISO 27001 standard, it's an internationally recognised certification standard specifically focused on information security. Using the policies and procedures outlined in the standard …

Organisational risk covers a lot of bases within a business, from issues such as staff shortages and regulatory changes through to global pandemics and cyber threats. Knowing what to focus …

Last month Security Centric principal consultant Sash Vasilevski provided his expertise to Business IT, outlining recommendations for cybersecurity uplift measures for small to medium enterprises. Throughout the article, an outline …

In the many years that Security Centric has been partnering with organisations to provide services ranging from compliance, penetration testing, and security engineering through to managed security services such as …

With the IT security landscape constantly evolving, many businesses struggle to find and retain people with the knowledge and skills required to counter threats. Last month, Security Centric's Sash Vasilevski …

Earlier this month Security Centric's Sash Vasilevski provided expert opinion to the team at iTWire on the ins and outs of implementing zero trust as an outcome of the ongoing …

2021 has been challenging for the team at Security Centric, as it has for everyone, hopping in and out of lockdowns, an increasing workload and new team members. As we …

A new remote code execution vulnerability has been discovered affecting a common software library used in many systems and applications. A Java library, log4j2, is widely used in embedded systems …

A new troubling remote code execution vulnerability has been discovered that affects customers using Office 365 and Office 2019 on Windows 10 and is already being exploited by malicious actors …

If you were to ask us what the main cybersecurity mistakes organisations routinely make were, the one where businesses rely on their everyday IT team or providers to also perform …

The fact that ransomware is continuing to be a prolific threat probably isn’t news to those of you in the world of cybersecurity – however we know that most organisations …

It’s always a great day for someone who loves reading reports when the annual Verizon Data Breach Investigation Report (DBIR) gets released. However, we know not everyone enjoys reading 119 …