Posts by John Reeman

According to data tracked by ransomware.live, 118 Australian organisations have already been publicly impacted by ransomware this year. The victims span almost every sector of the economy — airlines, telecommunications providers, medical practices, retailers, manufacturers, professional services, and law firms. The diversity of targets reinforces an uncomfortable truth: no organisation is too small, too regulated,…

The ACL judgment is a valuable reminder that cyber-risk is not just about firewalls, malware signatures or patches. It’s also about how we interpret, act on and communicate the results of our investigations, particularly when external advisors are involved.

Welcome to the world of modern Business Email Compromise (BEC), where the attack vector isn’t a malicious payload, but elaborately constructed deception that exploits the very trust relationships that make business possible.

Modern cybersecurity has a blind spot problem. Organisations invest heavily in Endpoint Detection and Response (EDR) solutions, believing they’ve fortified their defences. Yet attackers continue to move laterally through networks, escalating privileges and exfiltrating data often without triggering a single alert. The reason? EDR tools excel at monitoring endpoints, but they fundamentally cannot see what…

Insider threats have fundamentally transformed with the proliferation of cloud computing, remote work arrangements and sophisticated data management systems. Unlike external cyber security breaches, insider threats involve individuals with legitimate system access who misuse their privileges. This creates unique challenges for legal practitioners, as the line between authorised and unauthorised activity can be subtle, requiring careful analysis of digital footprints to establish intent and scope of misconduct.