Cynch Security
18/12/2024
That glorious moment where you get to switch on your email out of office message is almost here. Here are a few tips to stop cyber criminals turning your well meaning message against you.
Keep your movements to yourself — Cynch Security The good old ‘out of office’ message is there to let your customers and partners know what’s up and assure them you’ll be back to business as soon as you return. Sadly, these automatic messages might flag to spammers and cyber criminals you’re away, so take care not to share the wrong thin...
19/09/2024
A hectic week with over 200 news alerts. Here's a summary of what you might have missed: Apple and Google issued updates and we saw a ramp up in scams with iPhone 16 hype and innovative deepfake attacks. Stay informed and secure out there!
🚨 Upgrade Adobe Acrobat Reader to fix a critical flaw. https://buff.ly/3XqcSlI
🚨 Apple's macOS Sequoia 15 patch addresses multiple security issues allowing unauthorised access to sensitive user data, system files, and privileges. https://buff.ly/3zp2BhG
🚨 iOS 18 and iPadOS 18 security updates address vulnerabilities allowing unauthorised access, denial-of-service, and other risks. https://buff.ly/3XAq1sJ
🚨 Chrome 129 is now stable and includes security fixes and other improvements. https://buff.ly/3B8ZuuS
⚠️ Cybercriminals exploit iPhone 16 hype with fake pre-orders, technical support scams, and phishing sites. https://buff.ly/3zkexBj
⚠️ Over half of Australian law firms see cyber security as their top challenge, with 21% targeted by cybercriminals, and phishing attacks affecting 81%. https://buff.ly/3XzObDC
⚠️ A surge in AI-driven cybercrime in Australia & New Zealand. https://buff.ly/3BcmKIx
⚠️ Web DDoS attacks soared in 2024. Finance was hit hardest. https://buff.ly/3XpPVPG
⚠️ Malware locks browsers in kiosk mode to steal Google credentials by frustrating users into entering their info. https://buff.ly/3B2xzg5
⚠️ The OAIC reported a 65% increase in government data breaches in H1 2024 with 63 incidents; most breaches were from impersonation or social engineering. https://buff.ly/4gq9y2R
💪 Passkeys are now easier to use for Chrome users with sync support on Google Password Manager. https://buff.ly/3ZuJPQy
💪 HackerOne launches Essential VDP, a free entry-level Vulnerability Disclosure Programme. https://buff.ly/3Zw8p3Q
AI-driven cybercrime spikes in Australia & NZ, warns Trend Micro AI-driven cybercrime surges in Australia and NZ, warns Trend Micro; thousands of attacks detected, leveraging AI to breach security defences.
22/08/2024
Missed some crucial cyber security updates this week? After reviewing over a 180 alerts, we’ve summarised the key insights. Don't ignore updates to WordPress plugins, Chrome and new attacks targeting businesses of all sizes.
🚨 Critical flaws found in WordPress LiteSpeed Cache, GiveWP, InPost, and JS Help Desk plugins discovered and patched. https://buff.ly/3MbmLP0
🚨 Google patches critical Chrome. Update to version 128.0.6613.84 or later asap. https://buff.ly/4duRQcp
⚠️ A newly found GitHub Actions flaw, leaks tokens and can allow malicious actors to hijack repositories and access cloud environments. https://buff.ly/4fMZ7WQ
⚠️ Medibank's security uplift post-2022 breach, costing $86.2M, expects to reach $126M by mid-2025. Litigation costs loom, but customer acquisition has rebounded. Net profit rises to $570.4M. https://buff.ly/3XdNtwM
💪 Microsoft urges Microsoft 365 admins to enable MFA by Oct 15. Admins can defer until April 2025 but at higher risk. https://buff.ly/46P9mFL
💪 Google testing a new Chrome feature to redact sensitive info during screen sharing on Android! https://buff.ly/46P0UX2
💪 QNAP's new Security Center updates add ransomware protection and support for self-encrypting drives, enhancing overall NAS device security. https://buff.ly/3YUzJrT
GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk Critical vulnerability in WordPress GiveWP plugin threatens 100,000+ websites. Urgent update required to protect against remote code ex*****on attacks
15/08/2024
Over 200 news alerts in the past week including critical Microsoft patches, alarming security flaws, and gym locker attackers. Here are the concerns you might have missed.
🚨 Microsoft's August 2024 Patch Tuesday addresses 89 flaws, including six actively exploited and eight critical vulnerabilities fixed. Don't wait, patch now! https://buff.ly/3SPpz89
⚠️ 99% of Global 2000 companies have been linked to breached vendors. https://buff.ly/4d5CGdz
⚠️ Cybersecurity researchers reveal new phishing using Google Drawings and WhatsApp links to mimic Amazon. https://buff.ly/4dxs4E6
⚠️ Clicking 'OK' allows 237 partners to use cookies and access your data for personalised ads and more. https://buff.ly/3WDLQqB
⚠️ Microsoft announces Windows 11 21H2 and 22H2 editions will reach end of servicing on October. https://buff.ly/3WJVQ1J
⚠️ Evolution Mining hit by ransomware, IT systems impacted but mining operations continue. https://t.co/IIkHEGfhCz
⚠️ Cloudflare's survey reveals 41% of Aussie businesses faced data breaches in the last year, with 50% paying ransomware demands despite pledges. AI's impact, budget allocations, and complex threats are major concerns. https://buff.ly/4dr4lWq
⚠️ Australia sees a spike in returns fraud, with 60% of retailers hit in the past year. Quality disputes and 'wardrobing' top the list of abuses. https://buff.ly/3Aodtwt
⚠️ Thousands of electronic lockers in gyms, offices, and schools are hackable using cheap tools. Researchers at Defcon showed how to extract and clone management keys. https://buff.ly/3YLBY0W
Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited Today is Microsoft's August 2024 Patch Tuesday, which includes security updates for 89 flaws, including six actively exploited and three publicly disclosed zero-days. Microsoft is still working on an update for a tenth publicly disclosed zero-day.
08/08/2024
Missed this week’s key cybersecurity highlights? After reviewing another 190+ news alerts, here are the updates you need to know!
Google patches a critical bug in Android, Chrome updated, over a million domains at risk of takeover, Microsoft’s global outage due to a DDoS attack, and much more.
🚨 Google's August Android update patches 46 bugs, including some being exploited in the wild. https://buff.ly/46QFIjL
🚨 Chrome browser was updated to 127.0.6533.99 for Windows, Mac, and Linux, fixing 5 security issues. https://buff.ly/46LbtKP
⚠️ Over a million domains, including those from Fortune 100 firms, are vulnerable to takeover due to DNS authentication weaknesses at major hosting providers. https://buff.ly/4dpuLYs
⚠️ Microsoft confirms nine-hour outage of multiple services was triggered by a DDoS attack, affecting 365 and Azure services globally. https://buff.ly/4d5hFQ6
⚠️ ERIAKOS scam employs over 600 fake web shops on Facebook to steal personal data, targeting mobile users with ads for fake discounts from brands like Nike and Amazon. https://buff.ly/3WHFIPk
⚠️ Twilio has forcibly logged users out of the Authy for Desktop app, ending support and rendering the app unusable. Existing users must switch to mobile versions, risking lost 2FA tokens if not synced. https://buff.ly/4c3YKE4
⚠️ Qualys 2024 report reveals a 30% rise in reported CVEs, with 22,254 total. Critical vulnerabilities include CVEAtlassian Confluence, FortiClient, and Check Point Security Gateways. https://buff.ly/4dbyLMn
⚠️ 99% of Global 2000 companies link to breached vendors, urging better supply chain cybersecurity amidst new SEC requirements. https://buff.ly/4d5CGdz
💪 OpenAI's new GPT-4o powers ChatGPT with advanced features, spurring privacy concerns due to extensive data collection. https://buff.ly/3LJTbA7
💪 Bugcrowd unveils Continuous Attack Surface Pe*******on Testing (CASPT) to enhance security and reduce external risks, leveraging their recent acquisition of Informer for enriched EASM and vulnerability data. https://buff.ly/46U4EqB
Twilio kills off Authy for desktop, forcibly logs out all users Twilio has finally killed off its Authy for Desktop application, forcibly logging users out of the desktop application.
Click here to claim your Sponsored Listing.
Category
Contact the business
Website
Address
121 King Street
Melbourne, VIC
3000