Stop the Bleeding: How Revoking Admin Rights Eliminates Support Tickets
The most time-consuming ticket in your queue is rarely a hardware failure. It’s the PC infection that started when a user installed something they shouldn’t have been able to. Or it’s the broken configuration left behind after someone changed a setting IT can’t trace. Local administrator rights (the ability to install software, modify system settings, and override security controls) are given to end users far … Continue reading Stop the Bleeding: How Revoking Admin Rights Eliminates Support Tickets
The Microsoft AI Assistant That Quietly Runs Up a Bill
You can create a custom AI assistant using Microsoft 365’s Copilot that answers questions about your company documents. However, be cautious of unexpected billing due to different charging methods based on the AI’s capabilities. Choosing an everyday brain can significantly reduce costs, especially for common queries. Proper planning is essential. Continue reading The Microsoft AI Assistant That Quietly Runs Up a Bill
Is Your Invoice a Deepfake? Securing Your Accounts Payable Process Against Voice and Email Cloning
It’s a statistic that sends a shiver down the backs of SME owners, managers and employees. According to the FBI’s 2025 Internet Crime Report, business email compromise (BEC) cost US businesses more than $3 billion last year. This makes it one of the most financially damaging cybercrimes on record. AI has made these attacks harder to detect. The question for AP teams is no longer … Continue reading Is Your Invoice a Deepfake? Securing Your Accounts Payable Process Against Voice and Email Cloning
Adversary-in-the-Middle Attacks: How Phishing Sites Steal Your Active Login
You click a link, sign in, approve the MFA prompt, and get on with your day. Completely unaware that someone else just logged into your account at the same moment. That scenario surprises many businesses, particularly those that rely on multi-factor authentication (MFA) to protect cloud accounts. But this is exactly how Adversary-in-the-Middle (AiTM) phishing attacks work. Rather than stealing passwords for later use, these … Continue reading Adversary-in-the-Middle Attacks: How Phishing Sites Steal Your Active Login
The Empty Seats
How Australia’s performance venues — and the companies that play in them — can welcome the audience that stopped coming back Continue reading The Empty Seats
The “Session Cookie” Hijack: Why MFA Can’t Always Save You
MFA is a strong front-door lock. But it’s not the only thing that decides whether someone can get in. After you sign in, your browser keeps you logged in using a session token (often stored as a cookie). It’s the digital version of a wristband at an event: once you’ve been checked, the wristband proves you belong there. If an attacker steals that wristband, they … Continue reading The “Session Cookie” Hijack: Why MFA Can’t Always Save You
“Make No Mistakes” and Other Things That Don’t Work
There’s a running joke online that the trick to getting good work out of ChatGPT or Claude is to tell it to “make no mistakes.” Sometimes it gets dressed up — “you are a world-class expert, take a deep breath, and make no mistakes” — but the punchline is always the same. Say the magic words and the machine stops being lazy. It’s a good … Continue reading “Make No Mistakes” and Other Things That Don’t Work
The “Legacy Debt” Audit: Identifying the 3 Oldest Risks in Your Server Room
The most dangerous thing in a server room is often the phrase, “Don’t touch that.” It’s usually said with a half-joke and a grimace. It refers to the old box that “still works”, runs something important, and has survived so many fixes and workarounds that nobody feels confident changing it anymore. That’s legacy debt. Not just “old tech”, but old tech that’s become a dependency. … Continue reading The “Legacy Debt” Audit: Identifying the 3 Oldest Risks in Your Server Room
The “Backup Exit” Strategy: Can You Move Your Data Without the Vendor’s Help?
When you first sign up for a software-as-a-service (SaaS) platform, everything is designed to feel effortless. The problem is that the first real test of a SaaS relationship isn’t the onboarding. It’s the exit. For many small businesses, the front door is wide open, but the emergency exit is bolted shut: exports are incomplete, key data sits in proprietary formats, and leaving requires expensive vendor … Continue reading The “Backup Exit” Strategy: Can You Move Your Data Without the Vendor’s Help?
Micro-SaaS Vetting: The 5-Minute Security Check for Browser Add-ons
Browser add-ons have a funny reputation. They feel “small”. A quick install. A tiny productivity boost. A harmless little helper that lives in your toolbar. But in practice, a browser extension is more like a micro-SaaS vendor sitting inside your browser session. It can see what you see, interact with the pages you open, and sometimes access the same cloud apps your business runs on … Continue reading Micro-SaaS Vetting: The 5-Minute Security Check for Browser Add-ons