Home Affairs adds SecOps to new cyber risk overhaul

Home Affairs is investing in cyber security operations after an extensive program to overhaul its cyber risk management and system authorisation processes. The department is in the early stages of implementing ServiceNow’s SecOps module for incident response, integrating it with the vendor’s integrated risk management (IRM). Home Affairs director of cyber risk management Alex Reale […]

Exetel fined $694k over system ‘vulnerability’ for mobile number porting

Exetel has been penalised $694,000 after scammers were able to port mobile numbers to the telco and use them to steal hundreds of thousands of dollars from bank accounts. An investigation [pdf] by the Australian Communications and Media Authority (ACMA) found that unspecified “bad actor/s” were able to port 73 numbers to Exetel through an […]

AI summarisers open to ‘ClickFix’ social engineering attacks

Security researchers have developed a sophisticated prompt injection attack that abuses trusted AI summarisation tools, and potentially turns these into ClickFix-style step-by-step instructions to compromise user systems. The technique, detailed in new research from Singapore security vendor CloudSEK, exploits the gap between what humans can see on a webpage and what artificial intelligence models process […]