Australian data centre leader AirTrunk, backed by Blackstone, has struck a US$3 billion deal with Saudi Arabia’s HUMAIN, aligning with the Trump administration’s push for Western AI dominance. The partnership cements the Gulf as the new frontier for AI infrastructure and geopolitical tech power.
US pharmacy benefit manager MedImpact Healthcare Systems has confirmed a ransomware attack by the prolific Qilin gang. The group claims to have exfiltrated 160GB of data, including financial operation details and claims reports, raising significant concerns for the healthcare sector.
Microsoft has issued an out-of-band security update for a critical Remote Code Execution vulnerability, CVE-2025-59287, in its Windows Server Update Service. The flaw, which has a CVSS score of 9.8, is under active exploitation by threat actors, prompting a high-priority alert from CISA.
In a significant move towards strengthening global cybersecurity frameworks, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI), has unveiled new guidance titled "Modern Approaches to Network Access Security."
In a significant move towards strengthening global cybersecurity frameworks, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI), has unveiled new guidance titled "Modern Approaches to Network Access Security."
This initiative sees a convergence of efforts from international partners including New Zealand’s Government Communications Security Bureau (GCSB), New Zealand’s Computer Emergency Response Team (CERT-NZ), and the Canadian Centre for Cyber Security (CCCS).
This newly released guidance underscores the urgent need for businesses of all sizes to transition to more advanced security solutions, such as Zero Trust, Secure Service Edge (SSE), and Secure Access Service Edge (SASE).
These frameworks aim to enhance visibility into network activities and mitigate risks associated with traditional remote access and VPN configurations, which have become increasingly vulnerable in the face of sophisticated cyber threats.
CISA's Cross-Sector Cybersecurity Performance Goals (CPGs) play a crucial role in this initiative. These goals represent a common set of protections that all critical infrastructure entities—from large to small—should implement to meaningfully reduce the likelihood and impact of known risks and adversary techniques.
Developed through extensive consultation with industry, government, and experts, the CPGs provide a baseline set of cybersecurity practices with high-impact outcomes, serving as a benchmark for critical infrastructure operators to measure and improve their cybersecurity maturity.
By adopting these practices, small- and medium-sized organisations can prioritise essential security actions, thus kickstarting their cybersecurity efforts. The CPGs are unique as they address both individual and national risks, combining recommended practices for information technology and operational technology owners.
Last year, under the leadership of Home Affairs Minister Clare O’Neil, the Australian Federal Government unveiled its vision for the proposed National Cyber Security Strategy, focusing on a holistic approach towards cyber security adding resources including tailored strategies on education for small and medium businesses.
Released on November 22, 2023, the 2023-2030 Australian Cyber Security Strategy aims to position Australia as a global leader in cybersecurity by 2030.
The strategy emphasises six key cyber shields: strong businesses and citizens, safe technology, world-class threat sharing and blocking, protected critical infrastructure, sovereign capabilities, and resilient regional and global leadership.
The Australian Government has taken concrete steps by appointing a Cyber Coordinator lead by military intelligence veteran Michelle McGuinness In charge to responding to major cyber incidents and by enhancing cyber incident reporting through Project REDSPICE. The one-stop shop at cyber.gov.au simplifies incident reporting, making it easier for businesses to meet their regulatory obligations.
The release of guidance by CISA and its international partners marks a positive step towards concerted global cybersecurity cooperation.
This collaborative approach helps establish a unified framework for network access security, enhances threat intelligence sharing, and promotes the adoption of cutting-edge security models. As businesses worldwide grapple with evolving threats, adherence to this guidance is crucial in safeguarding network access and maintaining robust security postures.
Australian data centre leader AirTrunk, backed by Blackstone, has struck a US$3 billion deal with Saudi Arabia’s HUMAIN, aligning with the Trump administration’s push for Western AI dominance. The partnership cements the Gulf as the new frontier for AI infrastructure and geopolitical tech power.
Microsoft has issued an out-of-band security update for a critical Remote Code Execution vulnerability, CVE-2025-59287, in its Windows Server Update Service. The flaw, which has a CVSS score of 9.8, is under active exploitation by threat actors, prompting a high-priority alert from CISA.
Instagram has launched an AI-driven age verification tool in Australia ahead of the December 10 ban on under-16s using social media. The move aims to boost child safety but raises major privacy concerns, with experts warning of risks tied to surveillance, data misuse and unreliable accuracy.
Kmart’s facial recognition breach exposes more than a privacy violation. This extended analysis unpacks Wesfarmers’ compliance failures, the identity risks of biometric data, and how retail surveillance linking with social media could erode consumer trust.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
