This podcast was produced by National PC, delivering expert cyber security services in Townsville and Cairns through our Empower Managed IT solutions—secure, reliable, and built for North Queensland businesses.
View Shownotes and full transcript here: https://sittingduck.com.au/podcast/nsw-ai-data-breach-dodo-hack-cybersecurity-lessons/
This week on the Don’t Be A Sitting Duck Podcast, Leigh Kefford explores three major Australian cyber incidents — revealing how ransomware groups and vendor breaches continue to challenge even the most trusted organisations.
View Shownotes and full transcript here: https://sittingduck.com.au/podcast/australian-ransomware-wave-law-boats-air-services/
In this episode, we dig into two gripping and high-stakes stories in cybersecurity. First, Qantas is one of nearly 40 global firms being extorted over stolen data from Salesforce, now leaking millions of customer records. Then, in Australia, a health services firm becomes the first to face a major civil penalty—$5.8 million—for a data breach that exposed sensitive personal records. These twin lessons underscore just how fast the regulatory and threat landscape is evolving.
You’ll hear clear, actionable advice for your business: how to defend against vishing attacks, contain data exposure, plan incident responses, and stay on the right side of privacy regulators.
View Shownotes and full transcript here: https://sittingduck.com.au/podcast/qantas-data-breach-australia-privacy-penalty/
In this episode of the Don’t Be A Sitting Duck Podcast, Leigh Kefford unpacks three alarming cyber incidents that reveal just how far attackers are willing to go:
These cases show a disturbing reality: no industry is off-limits, and cybercriminals are increasingly targeting healthcare, manufacturing, and even childcare. Leigh explains how the attacks unfolded, why they matter, and—most importantly—what actions your business can take to avoid becoming the next headline.
View Shownotes and full transcript here: https://sittingduck.com.au/podcast/cyberattacks-pharmacy-brewer-uk-nursery/
In this episode, we unpack the alarming rise of state‑sponsored Chinese cyber actors compromising critical infrastructure—from backbone routers to military and government networks. You'll learn how these Advanced Persistent Threat groups maintain stealthy, long‑term access, and why this matters for national and business security.
We break down how the attacks happen, explain the global coordination behind recent advisories, and offer smart, actionable steps you can take now to protect your organisation.
View Shownotes and full transcript here: https://sittingduck.com.au/podcast/chinese-state%e2%80%91sponsored-cyber-threat/
This episode uncovers a stealthy cyber‑attack slipping through inbox filters: Microsoft 365 calendar phishing. Scammers send fake billing alerts—like “Payment Failed” or “Account Suspended”—directly to your calendar. Without clicking anything, the threat arrives. We explain how they exploit default invite settings, why deleting or responding can put you on their radar, and most importantly, how you and your team can defend against it.
You’ll learn actionable steps: ignore suspicious invites, use inbox tools wisely, verify via official channels, and empower your business with layered protection.
In this episode, we dig into the newly discovered FileFix attack—a clever and stealthy cyber trick that exploits how people use their clipboard. No malware. No download. Just voice‑less manipulation of Windows Explorer and the clipboard to execute hidden PowerShell commands. We’ll break down how it works, why it’s so dangerous, and what businesses should do today to stay protected.
Qantas has joined the long list of major companies hit by cybercrime — this time, through a third-party contact centre platform. In this special Don’t Be A Sitting Duck episode, Leigh Kefford unpacks how customer data was leaked, what it means for businesses, and why vendor risk can no longer be ignored.
What You’ll Learn:
Ransomware is more dangerous — and more accessible — than ever before. In this episode of Don’t Be A Sitting Duck, Leigh Kefford breaks down what’s really happening behind the scenes, how local businesses are being impacted, and the 5 non-negotiable actions your business must take to stay protected.
In This Episode:
Key Takeaways:
Recovery depends on preparation — not luck.
View Shownotes and full transcript here: https://sittingduck.com.au/podcast/ransomware-realities-what-every-business-must-know/
Is your business really ready for a cyberattack? If you’re in banking, insurance, or superannuation — APRA’s CPS 234 isn’t just a suggestion, it’s mandatory.
In this extended episode, Leigh Kefford unpacks the what, why, and how of CPS 234 — Australia’s leading information security standard for regulated financial entities. But even if you’re not regulated, there’s a lot to learn here.
Get the full show notes and resources at sittingduck.com.au
From 30 May 2025, Australian businesses earning over $3 million per year must report any ransomware or cyber extortion payments to the government within 72 hours. In this episode, Leigh explores:
What qualifies as a reportable ransomware or cyber extortion payment
Who needs to report and how to calculate turnover thresholds
What’s included in the 72-hour reporting requirement
Why these reports matter for Australia’s national cyber defence
How to prepare your business now before penalties kick in
🎯 Book your free Empower Systems Assessment at nationalpc.com.au/empower
🎧 Get the audiobook Sitting Duck - The Phone Call You Don’t Want to Receive now on Spotify.
Fatalities caused by cyberattacks in hospitals? That’s what healthcare leaders are bracing for—and that’s just the beginning. In this episode of the Don't Be A Sitting Duck Podcast, Leigh Kefford unpacks the critical cybersecurity threats facing Australia right now.
We explore:
The growing belief that it’s only a matter of time before a cyberattack leads to death in healthcare.
New legislation requiring ransomware payment disclosures in Australia.
Full shownotes available at sittingduck.com.au
Each story includes practical actions your business can take to stay one step ahead of cybercriminals.
In this episode, we delve into the pressing cybersecurity issues facing Australia today. From the dangers of unmanaged digital assets to the rise of AI-generated election misinformation, and the recent malware attacks on major banks, we uncover the vulnerabilities that businesses and individuals must address. Tune in to learn actionable steps to protect your digital environment.
👉 Full transcript and show notes available at sittingduck.com.au
Thousands of Australians have had their online banking passwords stolen by stealthy infostealer malware like RedLine and Raccoon Stealer. These credentials are now being sold on dark web marketplaces, putting businesses and individuals at risk. In this episode, I break down how infostealer malware works, why it's so dangerous, and the key steps you must take to protect your business.
Episode Notes / Show Notes:
How infostealer malware silently steals credentials from Australians
Real-world breaches involving RedLine and Raccoon Stealer malware
Why businesses must act urgently to protect sensitive data
Practical cybersecurity steps to defend against info-stealers
👉 Full transcript and show notes available at sittingduck.com.au
External Source Links:
A coordinated cyberattack hit several Australian super funds—including AustralianSuper, Hostplus, and Rest—leading to major financial and data loss. This episode explores how the breach happened, the method known as credential stuffing, and steps businesses can take to avoid a similar fate.
Main Stories Covered:
Credential stuffing attacks on super funds
$500,000 stolen from compromised AustralianSuper accounts
The role of weak passwords and reused credentials
Why MFA and security audits are now essential
External Links:
February 2025 saw ransomware attacks hit an all-time high, with cybercriminals exploiting software vulnerabilities to hold businesses hostage. At the same time, social engineering scams are becoming more deceptive, tricking victims into handing over sensitive information.
In this episode, I break down:
✅ Why ransomware attacks skyrocketed and how businesses are being targeted
✅ The growing threat of social engineering scams and how to spot them
✅ Practical steps to protect your data, employees, and financial assets
Don’t wait for a cyberattack to strike—take action now!
Get the full show notes and resources at sittingduck.com.au
In this episode, we delve into recent significant cybersecurity incidents: a massive data breach at Brydens Lawyers, ASIC's legal action against FIIG Securities for prolonged cybersecurity failures, and the emergence of the Ballista botnet exploiting vulnerabilities in TP-Link routers. These events highlight the critical need for robust cybersecurity measures across all sectors. For more insights and resources, visit sittingduck.com.au.
Papua New Guinea is going digital—but is it secure?
In this episode of Don't Be a Sitting Duck, we dive into the cybersecurity challenges facing PNG’s government, businesses, and critical infrastructure. We discuss real-life cyberattacks—including ransomware incidents affecting PNG’s Department of Finance and the Internal Revenue Commission—and explore what needs to change to protect the nation’s digital future.
Key topics covered:
Who should listen? If you're in government, IT, banking, or business in PNG, this episode is a wake-up call for action.
Tune in now and start asking the tough questions.
Got insights? Want to be part of the conversation? Reach out at sittingduck.com.au/podcast.
Subscribe & listen on Spotify, Apple Podcasts & more!
A major cybersecurity breach has rocked Australia’s healthcare sector. Genea, a leading IVF provider, was hit by a cyberattack that compromised sensitive patient data, exposing medical histories, test results, and personal information on the dark web. In this episode, we break down how the attack happened, why it matters, and—most importantly—what businesses can do to prevent similar breaches.
🔗 Show notes & resources: sittingduck.com.au