Security News

An Australian IT contractor has been sentenced to 30 months jail for ripping off the National Maritime Museum. The nonprofit museum celebrates Australia's maritime heritage - a matter of some import for the island nation, which therefore attracts government funding.

Online graphic design platform Canva went looking for security problems in fonts, and found three - in "Strange places." Tools like FontForge and ImageMagick can rename filenames of fonts, allowing users to work within a complex naming system to better locate a desired font inside a collection.

In a speech delivered yesterday, Mike Burgess noted that countering Soviet sabotage plots was a significant reason ASIO was created. "Nationalists and racists are probably just mouthing off. But the spy chief indicated that ASIO"is aware of one nation-state conducting multiple attempts to scan critical infrastructure in Australia and other countries, targeting water, transport and energy networks.

The extent of the scam was revealed on Monday in an audit of the ATO's management and oversight of fraud control arrangements for the Goods and Services Tax - Australia's equivalent of a value-added or sales tax. The scam promoted in online ads detailed a means of securing a loan from the ATO - an outright lie, as Australian tax authorities are not notably more generous than others around the world.

The Australian government announced in 2023 that it would phase out the use of passwords to access key government digital service platform myGov. In the first half of 2024, Australians may be asked to adopt passkeys, which use individual biometric data to authenticate users. The myGov passkey push across the Australian population will pave the way for IT leaders to adopt this more secure form of authentication in the private sector as public awareness and education rise.

Organisations in Australia face a significant challenge with data. Why organisations want data to deliver personalisation.

60% of Australian small businesses don't survive a cyber breach. A recent report by ASIC found that "Medium and large" organisations consistently reported more mature cyber security capabilities than small organisations, which lagged behind in most critical areas: supply chain risk management, data security and consequence management.

Research from Infoxchange indicates that poor cyber security practices in Australia's not-for-profit sector are putting its donors' and communities' data at risk. A mere 12% of NFPs conducted regular cyber security awareness training, and only one in five had a cyber security policy in place.

The Australian government is moving towards regulating cryptocurrency, with a focus on those involved in developing and maintaining crypto platforms. Cryptocurrency is known for its vulnerability, with Australia experiencing several incidents, including a AUD$40 million hack on the crypto betting platform, Stake, and the theft of over one million from an Australian Bitcoin bank in 2013.

Fear and the more technical aspects of cybersecurity are still stopping Australian CEOs from engaging more deeply with cybersecurity risks, despite a string of high-profile cyberattacks that have hit Australian brands, including Optus and Medibank and millions of their customers. New research from consulting firm Accenture found that only one in five of Australian CEOs are currently dedicating board meetings to discussing cybersecurity issues, while 34% think cybersecurity isn't a strategic matter and requires episodic rather than ongoing attention.