Cybersecurity Starts in the Boardroom
This article follows on from last week’s Why the “Principle of Least Privilege” works and something for free…. If you want the something for free, then you had better read that article first! Let’s start with a simple definition. The Principle of Least Privilege (PoLP) is a fundamental concept in …
Continue reading “What the “Principle of Least Privilege” does for you? (pt. 1)”
The Principle of Least Privilege (PoLP) is a fundamental concept in cybersecurity. It ensures that users are granted only the minimum necessary access rights required to perform their job functions. This principle is one I always enforce in cyber security as it is a powerful way of defending the most …
Continue reading “Why the “Principle of Least Privilege” works and something for free…”
The loss of control of your information and it getting into the public domain is not always a cyber attack – many times it is simply a mistake by your team. It has happened to the Australian telecommunications company Telstra: Telstra sorry for publishing up to 130,000 customers’ details online …
Continue reading “Sometimes a cyber incident is not a cyber attack and what you can do to stop it.”
Ransomware does not go away and still poses one of the greatest risks to ant organisation large and small. Here is the latest ransomware attack being reported in the tech press: Trigona ransomware spotted in increasing attacks worldwide (bleepingcomputer.com) You at least need to know you have a ransomware resilient …
Australia has been in the cyber security headlines recently with a couple of high-profile hacks that has seriously impacted millions of citizens: Now it is being reported that the Australian government is considering bringing in legislation to prevent organisations legally paying ransomware demands, in an attempt to disrupt the threat …
This article was first posted on 27 October 2022 Update 10 November 2022 The headlines say it all: Medibank: Data stolen from Australia health insurance available online – BBC News Medibank hacker says ransom demand was US$10m as purported abortion health records posted | The Guardian These criminals will have …
Continue reading “Australia in the cyber security spotlight – UPDATED”
Dropbox has admitted that 130 of its confidential private GitHub repositories were coped by a threat actor. Among the haul were secret APUI codes. They do reassure users that no user content, usernames or passwords were stolen. Well of course not. That is not the issue. Why bother stealing those …
