Cyber Investigations

Australia’s cyber defence landscape is shifting fast. In this episode, we break down two major cyber security stories: the expansion of the Microsoft-ASD Cyber Shield, known as MACS, across more Australian federal government agencies, and the urgent cPanel patches for an actively exploited authentication bypass zero-day.We unpack what the Microsoft-ASD partnership means for government cyber security, identity protection, cloud security, secure configuration and threat intelligence sharing. We also explain why cPanel’s critical authentication bypass vulnerability matters, how attackers target web hosting control panels, and what tactics, techniques and procedures TTPs  defenders should understand.This episode goes beyond the headlines to explain how modern attackers increasingly target trusted access: identity systems, session tokens, admin portals, cloud platforms and hosting control panels. We cover password spraying, token theft, MFA fatigue, OAuth abuse, CRLF injection, session manipulation, persistence, web shells and post-exploitation activity.Whether you work in cyber security, cloud security, government IT, web hosting, incident response or are simply interested in cyber news, this episode gives you a practical breakdown of the technical details behind two important cyber stories.Topics covered: Microsoft-ASD Cyber Shield, MACS, Australian Signals Directorate, Microsoft cyber security, Australian government cyber security, cPanel zero-day, CVE-2026-41940, authentication bypass, WHM, web hosting security, CRLF injection, identity security, cloud security, threat intelligence, incident response, cyber attack TTPs, zero-day exploitation and cyber defence.Keywords: cyber security podcast, Australian cyber security, cyber news, Microsoft ASD Cyber Shield, MACS, ASD Microsoft, cPanel vulnerability, cPanel zero-day, authentication bypass, CVE-2026-41940, WHM security, cloud security, identity security, threat intelligence, incident response, cyber attack analysis, zero-day vulnerability, cyber defence, TTPs.

n this episode, we unpack Citizen Lab’s “Bad Connection” report, which reveals how covert surveillance actors exploited the hidden infrastructure of global telecommunications networks. Rather than hacking a phone directly, these actors abused telecom signalling systems and trust relationships between mobile operators to attempt location tracking at the network level.We explain the technical foundations in plain English, including BGP, SS7, and Diameter — three key parts of the global communications ecosystem. You’ll learn how internet routing works, how mobile networks locate subscribers, how international roaming relies on trusted signalling, and how those same systems can be misused for surveillance.We also explore the role of silent SMS, SIMjacker-style attacks, signalling firewalls, ghost operators, and why this report matters for cyber security, privacy, mobile network security, journalists, executives, government agencies, and anyone interested in digital surveillance.This episode is about more than one cyber incident. It is a look inside the hidden layers of the global phone network — and a reminder that some of the most powerful surveillance risks happen far beneath the screen.Topics covered: Citizen Lab, Bad Connection report, telecom surveillance, SS7 attacks, Diameter protocol, BGP routing, mobile tracking, silent SMS, SIMjacker, ghost operators, cyber security, privacy, digital surveillance, mobile network security, telecom signalling, location tracking, spyware alternatives, cyber investigations.

In this episode, we unpack the alleged NSW Treasury data breach that has sent shockwaves across the New South Wales government. A Treasury staff member has been arrested and charged after allegedly downloading 5,600 commercially sensitive government documents, triggering a significant cyber incident and a whole-of-government response.We break down what reportedly happened, why the breach is so serious, and what it reveals about insider threats, government cyber security, data governance, and the risks surrounding confidential commercial and financial information. We also explore the response from NSW Treasurer Daniel Mookhey, the police investigation, and the broader implications for public sector security across Australia.With agencies placed on alert and a dedicated taskforce established, this case raises major questions about insider access, cyber incident detection, and how governments protect sensitive data from internal misuse.If you’re interested in cyber security, data breaches, insider threats, Australian government security, or public sector risk management, this is an episode you won’t want to miss.Topics covered in this episode: NSW Treasury data breach explained  Arrest over alleged download of 5,600 sensitive documents  Insider threats in government agencies  Cyber incident response in the NSW public sector  Commercially sensitive and confidential government data  NSW Police and Cyber Security NSW investigation  Broader lessons for cyber security and data governance in Australia Keywords: NSW Treasury data breach, NSW cyber incident, insider threat, government data breach Australia, cyber security NSW, commercially sensitive documents, Treasury breach, public sector cyber security, Cyber Security NSW, Daniel Mookhey