CONTACT US

Stay Ahead of Cyber Threats with Expert Insights

Practical cybersecurity guidance, incident response expertise, and industry intelligence for Australian law firms and businesses.

Get the 'Cybersecurity Loop' newsletter delivered to your inbox:

subscribe

The Cyber Security Loop Newsletter

CYOODA - Newsletter

Welcome to the “Cybersecurity Loop” Edition #17

December 17, 2025
🎄 Ho Ho Ho! 🎄 Welcome to the festive edition of the cybersecurity loop!   Quick heads up - I'm building something new for 2026. It's called "The Reluctant CISO":...
Read More about Welcome to the “Cybersecurity Loop” Edition #17

Welcome to the “Cybersecurity Loop” – Edition #13

August 27, 2025
Now, before we unpack this month's stories, just a quick note to let you know that we will be on Stand #55 at the ALPMA Summit 2025 in Sydney, 3...
Read More about Welcome to the “Cybersecurity Loop” – Edition #13

Welcome to the “Cybersecurity Loop” – Edition #12

July 24, 2025
Every few weeks, I share a quick pulse on what's happening in the world of cybersecurity, framed for law firm leaders and risk stakeholders across Australia. Think of it as...
Read More about Welcome to the “Cybersecurity Loop” – Edition #12

Thoughts and articles by Cyooda

All
  • All
  • Cybersecurity
  • Detection Engineering
  • How To Guides
  • Ransomware Insights
  • Security Insights

118 Australian Businesses Hit by Ransomware in 2025 | What Leaders Must Know

December 16, 2025
According to data tracked by ransomware.live, 118 Australian organisations have already been publicly impacted by ransomware this year. The victims span almost every sector of the economy - airlines, telecommunications...
Read More about 118 Australian Businesses Hit by Ransomware in 2025 | What Leaders Must Know

Australian Clinical Labs Case: Lessons in Cyber Response & Communication

October 24, 2025
The judgment in brief In this case, ACL acquired the assets of Medlab Pathology Pty Ltd on 19 December 2021. It assumed control of Medlab's IT systems, which over 223,000...
Read More about Australian Clinical Labs Case: Lessons in Cyber Response & Communication

Beyond the Gateway: Why Traditional Email Security Can’t Stop BEC Attacks Targeting M&A Deals and Trust Accounts

October 2, 2025
The email your conveyancing solicitor just received looks perfect. It's a continuation of an existing thread about a property settlement, references the correct property address, includes previous conversation history, and...
Read More about Beyond the Gateway: Why Traditional Email Security Can’t Stop BEC Attacks Targeting M&A Deals and Trust Accounts

The Hidden Battlefield: Why Traditional EDR Leaves Your Identity Layer Exposed

October 2, 2025
Modern cybersecurity has a blind spot problem. Organisations invest heavily in Endpoint Detection and Response (EDR) solutions, believing they've fortified their defences. Yet attackers continue to move laterally through networks,...
Read More about The Hidden Battlefield: Why Traditional EDR Leaves Your Identity Layer Exposed

Cybersecurity news from around the world

Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild

December 13, 2025
Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and its Safari web browser to address two security flaws that it said have been exploited in...
Read More about Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild

Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work

December 12, 2025
The browser has become the main interface to GenAI for most enterprises: from web-based LLMs and copilots, to GenAI‑powered extensions and agentic browsers like ChatGPT Atlas. Employees are leveraging the...
Read More about Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work

MITRE shares 2025’s top 25 most dangerous software weaknesses

December 12, 2025
MITRE has shared this year's top 25 list of the most dangerous software weaknesses behind over 39,000 security vulnerabilities disclosed between June 2024 and June 2025. The list was released...
Read More about MITRE shares 2025’s top 25 most dangerous software weaknesses

UK fines LastPass over 2022 data breach impacting 1.6 million users

December 12, 2025
The UK Information Commissioner's Office (ICO) fined the LastPass password management firm £1.2 million for failing to implement security measures that allowed an attacker to steal personal information and encrypted...
Read More about UK fines LastPass over 2022 data breach impacting 1.6 million users

MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants

November 28, 2025
Cybersecurity researchers have shed light on a cross-tenant blind spot that allows attackers to bypass Microsoft Defender for Office 365 protections via the guest access feature in Teams. "When users...
Read More about MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants

OpenAI discloses API customer data breach via Mixpanel vendor hack

November 27, 2025
OpenAI is notifying some ChatGPT API customers that limited identifying information was exposed following a breach at its third-party analytics provider Mixpanel. Mixpanel offers event analytics that OpenAI uses to...
Read More about OpenAI discloses API customer data breach via Mixpanel vendor hack

ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

November 24, 2025
A recently patched security flaw in Microsoft Windows Server Update Services (WSUS) has been exploited by threat actors to distribute malware known as ShadowPad. "The attacker targeted Windows Servers with...
Read More about ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

 Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform

November 13, 2025
Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against China-based hackers who are behind a massive Phishing-as-a-Service (PhaaS) platform...
Read More about  Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform

Our Services

Virtual CISO Retainer Service

Security Program Improvement

Data Security and Privacy

Governance Risk and Compliance

Digital Forensics

Incident Response

Cyber Crisis Management

Incident Response Retainer

Penetration Testing

Vulnerability Management

Security Awareness Training

Recent Posts

Welcome to the “Cybersecurity Loop” Edition #17

118 Australian Businesses Hit by Ransomware in 2025 | What Leaders Must Know

Australian Clinical Labs Case: Lessons in Cyber Response & Communication

Beyond the Gateway: Why Traditional Email Security Can’t Stop BEC Attacks Targeting M&A Deals and Trust Accounts

The Hidden Battlefield: Why Traditional EDR Leaves Your Identity Layer Exposed

Lvl 17, Angel Place,

123 Pitt Street,

Sydney

NSW 2000

 (02) 7230 1350