Cyber Security Insights & Resources
Stay informed with the latest cyber security insights, research, and practical guidance.
Technical Research and Recommendations

Passwordstate Authentication Bypass (CVE-2025-59453)
By Aidan Stansfield. TL;DR: Click Studios’ Passwordstate before Build 9972 is vulnerable to an authentication bypass, which allows a threat actor to gain full control over the Passwordstate service.

Decrypting Passwordstate
By Aidan Stansfield. TL;DR: For versions 9700 and above of Passwordstate, the EncryptionKey is derived differently. It is now derived as HMAC(alg=SHA256, key=join(Secret2, Secret4), plaintext=join(Secret1, Secret3)). A PR has been made to the

Spiceworks – CVE-2021-43609
By Aidan Stansfield. Flashback Time! This technical blog post looks at one of the early vulnerabilities uncovered by the Division 5 research program. The team undertook research into the Spiceworks

Direct Memory Access Attacks and Mitigations
By Matthew Prain. DMA Attacks, And How to Prevent Them. Someone gaining unauthorised access to a personal computer by injecting code into its memory may sound a little far-fetched. However,

Strategy | Governance, Risk, and Compliance

How an Information Asset Register (IAR) Simplifies Compliance
By Skye Slater. How an Information Asset Register (IAR) Simplifies Compliance in Queensland Agencies and Non-Government Organisations. As a cyber security firm working closely with Queensland Government agencies, we understand

Developing a Cyber Security Strategy
Nick Young. The Digital Frontline: Why Cyber Strategy Matters. Every Australian organisation sits on the front lines of a complex and evolving digital battlefield. As former Australian Signals Directorate (ASD)

5 Questions Every Board Should Ask Their Executives
Directors, are you asking the right questions about your organisation’s cyber risks? We’re excited to share a new video resource from Division 5’s Head of Strategy revealing the 5 essential

New Legislation, So What?
By Abby Breytenbach. Introduction: There’s a lot of legislation, but it’s not always easy to figure out what it means, how it applies, and what it means for my organisation.