Security

Everything you need to know about security and encryption.

Show me your ID to read the internet — the rise of mandatory age verification

Jul 02, 2026

For most of the internet’s life, proving your age meant ticking a box that swore you were over 18 and getting on with your day — a formality nobody believed, and not really a checkpoint. That era is closing. Across the United Kingdom, the European Union and now Australia, governments have decided the honour system has to go, and that access to whole categories of the internet should depend on proving who you are: with a document, a card, or your face. The stated target is children and the har...

The spyware company that lost — what the NSO Group verdict means for the rest of us

Jun 29, 2026

The commercial spyware industry has spent years hiding behind a single sentence: we just build the tool — what the customer does with it is on them. It is a tidy defence, and for nearly a decade it held. Then, after a six-year fight, a US jury and a federal judge took it apart. NSO Group — the Israeli maker of Pegasus, the most notorious surveillance tool on earth — was found liable for hacking roughly 1,400 WhatsApp users, and then permanently barred from ever targeting WhatsApp again. For o...

The flaw in the phone network that finds anyone, anywhere — SS7 and fake towers

Jun 26, 2026

There is a comforting assumption baked into the way most of us use our phones: that the call you make, the text you send, and the place you happen to be standing are private by default. They are not. Beneath every mobile call and SMS sits a set of signalling protocols designed in an era when the global phone network was a small club of state-run carriers who all trusted one another. That trust was never removed — it was simply scaled up to billions of devices. The result is a network that, in...

The intruder who never installs anything Living-off-the-land attacks

Jun 23, 2026

Picture the moment after a security scare. The IT team runs a full antivirus sweep, checks the endpoint console, and reports back: no malware found. Everyone exhales. The trouble is that the most patient attackers operating today never give your antivirus anything to find. They do not deploy malware at all. They log in with stolen credentials, then quietly use the same administration tools your own IT staff rely on every day. The technique is called living off the land, and it is the reason “...

The surveillance ratchet: what the UK and EU tell Australians about where our online laws are heading

Jun 14, 2026

To see where Australia’s internet is heading, don’t bother forecasting — look at Britain. In barely eighteen months the UK has switched on mandatory age checks, pushed age verification down to the phone itself, fought Apple over encryption, normalised facial recognition on the street, and — in June 2026 — given Apple and Google three months to build scanning into every device or face the law. The EU is working down the same list. These levers keep surfacing in the same order across like-minde...

What a zero-day really is — and why even fully patched software isn't always safe

Jun 10, 2026

There is a comforting idea in cyber security that if you keep everything updated, you are safe. Patch your operating systems, patch your applications, tick the box, and the attackers move on to someone lazier. It is a good habit and you absolutely should do it — but it is only half the story. The most dangerous flaws in the software your business runs are the ones nobody has fixed yet, because nobody on the defending side knows they exist. These are zero-days, and understanding them is the di...

Your phone is the easiest way in — here’s why

Jun 04, 2026

Pick up the device within arm’s reach right now. It holds your email, your banking app, your authentication codes, your messages, your location, and a login to half the services you use. It goes everywhere you go, it’s unlocked dozens of times a day, and it’s almost certainly the least defended thing you own. Yet most security advice is still written as though the desktop is the front door. It isn’t. For a fast-growing share of attacks, the phone is — and attackers worked that out long before...

Claude Mythos: Anthropic's frontier AI & what it means for cyber security

May 26, 2026

Most AI announcements wash over the cyber security industry without much fuss. Mythos was different. In April 2026, Anthropic told the world it had built a model so good at finding software flaws that releasing it publicly would be irresponsible — and then handed restricted access to a coalition of the biggest names in tech to use it for defence. That is not a normal product launch. It is closer to an admission that the offence-defence balance has just shifted, and the industry has roughly tw...

How honeypots enhance cyber security

May 17, 2024

The key to effective cyber security is always to stay one step ahead of malicious actors. One innovative tool that has gained prominence in recent years is the honeypot. This unassuming decoy system is a powerful tool to detect, analyse, and mitigate cyber threats.

Unmasking sniffing attacks: How to protect your network

Oct 02, 2023

In the digital world, where data flows seamlessly between devices and networks, sniffing attacks are a particularly insidious form of intrusion. Understanding the anatomy of a sniffing attack is paramount in fortifying your network's defences.