Risk Tag

Single sign-on (SSO) is a widely-used authentication method that allows users to access multiple applications using just one set of credentials. It is considered the gold standard for security as it eliminates the need for users to remember multiple passwords and can be further secured with multi-factor authentication (MFA).   In fact, an estimated 61% of attacks stem from stolen credentials, and SSO reduces the attack surface...

Read More
frontier software

NSW Health Data Breach: Payroll Information of Over 1,600 Staff Affected!   NSW Health has recently confirmed that it has become the latest organisation to suffer a data breach in the Frontier Software cyber-attack at the end of 2021. According to an FAQ posted on its website, the breach has impacted staff or former staff who were employed by the Ministry of Health, as a senior executive...

Read More
gootloader

Six Law Firms Targeted in GootLoader and SocGholish Malware Campaigns   Mar 01, 2023 - In January and February 2023, six different law firms were targeted in two separate threat campaigns distributing GootLoader and FakeUpdates (aka SocGholish) malware strains. GootLoader is a first-stage downloader that is capable of delivering a wide range of secondary payloads such as Cobalt Strike and ransomware. It employs search engine optimization (SEO)...

Read More

Victoria’s auditor-general has expressed concern over the increasing number of weaknesses in IT controls in the state's local government sector.   According to a new audit, the office found more IT control weaknesses due to increased scrutiny. These weaknesses included access management, policies and procedures, logging and monitoring, backup and recovery, and change management.   The auditor-general noted that poor IT controls increase the risk of unauthorised access, cyber-attacks,...

Read More
Wireless IIoT Device Vulnerabilities Pose Risk to Critical Infrastructure

A set of 38 security vulnerabilities has been uncovered in wireless industrial internet of things (IIoT) devices from four different vendors that could pose a significant attack surface for threat actors looking to exploit operational technology (OT) environments. "Threat actors can exploit vulnerabilities in Wireless IIoT devices to gain initial access to internal OT networks," Israeli...

Read More