Don't Be A Sitting Duck Podcast
Episodes
CPS 234 Explained: Why Cyber Security Is a Board Issue
21 Dec 2025
Contributed by Lukas
Cyber security is no longer just an IT problem—it’s a board-level responsibility. In this episode, Leigh Kefford breaks down APRA’s CPS 234 Info...
Day 12: Your Phishing Defence Checklist — The Complete Guide
11 Dec 2025
Contributed by Lukas
Day 12 — The Grand Finale of the National PC 12 Days of Phishmas! This episode brings together everything covered throughout the series into a compl...
Day 11: User Behaviour — The #1 Cybersecurity Risk
10 Dec 2025
Contributed by Lukas
Day 11 of the National PC 12 Days of Phishmas! Today we explore why user behaviour is the biggest cybersecurity risk for every organisation. Technology...
Day 10: The Ransomware Attack Chain — How One Click Leads to Disaster
09 Dec 2025
Contributed by Lukas
Day 10 of the National PC 12 Days of Phishmas! Ransomware attacks don’t start with encryption — they start with access, usually through a phishing...
Day 9: Social Engineering & Data Harvesting — How Attackers Study You Before They Strike
08 Dec 2025
Contributed by Lukas
Day 9 of the National PC 12 Days of Phishmas! Cybercriminals don’t always break into systems — sometimes they break into people. This episode explo...
Day 8: Account Takeover & Hijacked Email Threads — When Cybercriminals Become You
07 Dec 2025
Contributed by Lukas
Day 8 of the National PC 12 Days of Phishmas! Today we’re breaking down Account Takeover (ATO) and Hijacked Email Threads — two of the most convin...
Day 6: Malicious Attachments & Cloud File Scams — The Hidden Threat in Your Inbox
07 Dec 2025
Contributed by Lukas
Why fake documents and shared file links are one of the most dangerous phishing threats for businesses. Day 6 of the 12 Days of Phishmas! Today’s epis...
Day 1: The Most Common Phishing Red Flags — What to Watch For
04 Dec 2025
Contributed by Lukas
🎄 Welcome to Day 1 of the 12 Days of Phishmas! We’re kicking off the series with the foundation of all cyber awareness: 🔍 The Most Common Phishi...
Australia’s Retailers Are Quietly Bringing Back Facial Recognition
04 Dec 2025
Contributed by Lukas
Australian retailers are quietly reintroducing facial recognition technology—even after public backlash. In this episode, Leigh breaks down why stor...
Cyber-Attack Shuts Down London Councils; Aussie Industry Breaches Exposed
02 Dec 2025
Contributed by Lukas
In this episode, we look at a major cyber-attack that forced multiple London councils offline, cutting essential services for hundreds of thousands of...
Vietnam’s Social Media Heists & The Rise of Asia’s Cybercrime Underground
01 Dec 2025
Contributed by Lukas
Vietnam’s cybercriminals aren’t just hacking servers — they’re hijacking social media business accounts. In this episode, Leigh Kefford breaks...
Human Error & Ransomware Risks for Australian Businesses
04 Nov 2025
Contributed by Lukas
In this episode of Don’t Be A Sitting Duck, I break down two critical risks for Australian organisations: the rising role of human error in data bre...
Ransomware Realities: What You Need to Know
02 Nov 2025
Contributed by Lukas
Ransomware has become the most disruptive threat facing Australian businesses today. From small councils to local manufacturers, attacks are happening...
NSW AI Data Breach & Telco Hack – What Your Business Can Learn
01 Nov 2025
Contributed by Lukas
Today’s episode unpacks two alarming cybersecurity incidents in Australia that should act as red alerts for every business. First, we look at how a ...
Australian Ransomware Wave Hits Law, Boats & Aviation
31 Oct 2025
Contributed by Lukas
This week on the Don’t Be A Sitting Duck Podcast, Leigh Kefford explores three major Australian cyber incidents — revealing how ransomware groups ...
Qantas Data Leak & Australia’s $5.8M Privacy Penalty
12 Oct 2025
Contributed by Lukas
In this episode, we dig into two gripping and high-stakes stories in cybersecurity. First, Qantas is one of nearly 40 global firms being extorted over...
Cyberattacks on Pharmacy, Brewer & UK Nursery
01 Oct 2025
Contributed by Lukas
In this episode of the Don’t Be A Sitting Duck Podcast, Leigh Kefford unpacks three alarming cyber incidents that reveal just how far attackers are ...
Chinese APT Threats Targeting Australian Critical Infrastructure
01 Sep 2025
Contributed by Lukas
In this episode, we unpack the alarming rise of state‑sponsored Chinese cyber actors compromising critical infrastructure—from backbone routers to...
Microsoft 365 Calendar Phishing: Don’t Let Invites Fool You
01 Sep 2025
Contributed by Lukas
This episode uncovers a stealthy cyber‑attack slipping through inbox filters: Microsoft 365 calendar phishing. Scammers send fake billing alerts—...
FileFix Attack: Clipboard‑Based Threat Every Business Must Know
01 Aug 2025
Contributed by Lukas
In this episode, we dig into the newly discovered FileFix attack—a clever and stealthy cyber trick that exploits how people use their clipboard. No ...
Qantas Data Breach: Customer Info Leaked via Vendor
02 Jul 2025
Contributed by Lukas
Qantas has joined the long list of major companies hit by cybercrime — this time, through a third-party contact centre platform. In this special Don...
Ransomware Realities: What You Need to Know
01 Jul 2025
Contributed by Lukas
Ransomware is more dangerous — and more accessible — than ever before. In this episode of Don’t Be A Sitting Duck, Leigh Kefford breaks down wha...
CPS 234: What It Means for Your Business in 2025
06 Jun 2025
Contributed by Lukas
Is your business really ready for a cyberattack? If you’re in banking, insurance, or superannuation — APRA’s CPS 234 isn’t just a suggestion, ...
Ransomware Payment Laws Now Mandatory: What You Must Report
05 Jun 2025
Contributed by Lukas
From 30 May 2025, Australian businesses earning over $3 million per year must report any ransomware or cyber extortion payments to the government with...
Healthcare Breach Fears, Retail Attacks & New Ransomware Laws
05 Jun 2025
Contributed by Lukas
Fatalities caused by cyberattacks in hospitals? That’s what healthcare leaders are bracing for—and that’s just the beginning. In this episode of...
Cybersecurity Threats: Unmanaged Assets, AI Misinformation, and Banking Breaches
01 May 2025
Contributed by Lukas
In this episode, we delve into the pressing cybersecurity issues facing Australia today. From the dangers of unmanaged digital assets to the rise of A...
Australia Hit by Infostealer Malware: Banking Credentials Sold Online
29 Apr 2025
Contributed by Lukas
Thousands of Australians have had their online banking passwords stolen by stealthy infostealer malware like RedLine and Raccoon Stealer. These creden...
Super Fund Cyberattack: What Went Wrong & How to Stay Safe
04 Apr 2025
Contributed by Lukas
A coordinated cyberattack hit several Australian super funds—including AustralianSuper, Hostplus, and Rest—leading to major financial and data los...
Ransomware Attacks Hit Record High – Are You at Risk?
18 Mar 2025
Contributed by Lukas
February 2025 saw ransomware attacks hit an all-time high, with cybercriminals exploiting software vulnerabilities to hold businesses hostage. At the ...
Major Cyber Incidents: Brydens Lawyers Breach, ASIC's Action Against FIIG Securities, and Ballista Botnet Threat
18 Mar 2025
Contributed by Lukas
In this episode, we delve into recent significant cybersecurity incidents: a massive data breach at Brydens Lawyers, ASIC's legal action against F...
Cybersecurity in Papua New Guinea: Are They Ready for the Digital Future?
15 Mar 2025
Contributed by Lukas
Papua New Guinea is going digital—but is it secure? In this episode of Don't Be a Sitting Duck, we dive into the cybersecurity challenges facing ...
Genea IVF Data Breach Exposes Sensitive Health Records
08 Mar 2025
Contributed by Lukas
A major cybersecurity breach has rocked Australia’s healthcare sector. Genea, a leading IVF provider, was hit by a cyberattack that compromised sens...
APRA’s CPS 230 & CPS 234: Strengthening Operational & Cyber Resilience
25 Feb 2025
Contributed by Lukas
In this episode of Don't Be A Sitting Duck, we unpack APRA’s latest regulatory updates: CPS 230 on Operational Risk Management and CPS 234 on Infor...
Lazarus Group’s $21M Crypto Heist & Australian IVF Data Breach
24 Feb 2025
Contributed by Lukas
Cybercriminals are relentless, and this week’s stories prove just how high the stakes are. North Korea’s Lazarus Group Strikes Again: The notorio...
PNG Tax Office Cyberattack – What It Means for Businesses & Government
16 Feb 2025
Contributed by Lukas
Papua New Guinea’s Tax Office Hacked – What You Need to Know! The Internal Revenue Commission (IRC) of Papua New Guinea has suffered a devastatin...
Game Over: Steam Malware, Romance Scam Script, and Cybersecurity Awareness
15 Feb 2025
Contributed by Lukas
Is your favorite game a cybersecurity threat? In today’s episode of Don't Be A Sitting Duck, we dive into a shocking Steam malware case where a popu...
CommBank & Telstra’s Fraud Tech, Valentine’s Phishing Scams, and Cybercrime as a National Security Threat
12 Feb 2025
Contributed by Lukas
In this episode of Don't Be A Sitting Duck, we’re breaking down three major cybersecurity threats that businesses need to be aware of: CommBank & Te...
Apple’s Zero-Day Patch, Healthcare Cyber Risks & Australia’s Cyber Attack Surge
11 Feb 2025
Contributed by Lukas
In today’s episode, we dive into three critical cybersecurity threats that businesses can’t afford to ignore. Apple has just released an urgent pa...
DeepSeek AI – A Cyber Threat You Can’t Ignore
10 Feb 2025
Contributed by Lukas
Artificial Intelligence is evolving, but so are cyber threats. In this episode of Don't Be A Sitting Duck, we break down DeepSeek AI and how cybercrim...
North Korean Hackers, LinkedIn Scams & ACSC Phishing Warnings
09 Feb 2025
Contributed by Lukas
Welcome to another episode of Don’t Be A Sitting Duck! This week, we uncover shocking cybersecurity threats that businesses and individuals must be ...
Thermomix Recipe Community Data Breach – What You Need to Know
07 Feb 2025
Contributed by Lukas
Vorwerk, the company behind Thermomix, has confirmed a data breach affecting users of its Recipe Community forum in Australia, New Zealand, and severa...
47 Million Data Breaches in 2024 + AI Bans & Windows 11 Warnings
06 Feb 2025
Contributed by Lukas
In this episode of Don't Be A Sitting Duck, we break down three major cybersecurity stories affecting businesses today: DeepSeek AI Banned – Why th...
After the Flood: Protecting Your Business from Hidden Cyber Threats
03 Feb 2025
Contributed by Lukas
Floods can devastate businesses, causing physical damage and operational chaos—but the risks don’t stop there. In this episode of Don't Be A Sitti...
03/02/2025 - Apple Gift Card Scams: How They Work and How to Avoid Them
02 Feb 2025
Contributed by Lukas
In this episode of Don’t Be A Sitting Duck Podcast, we’re uncovering the tricks behind Apple gift card scams—one of the most common and deceptiv...
The National PC Way: Simplifying IT to Empower Your Business
02 Feb 2025
Contributed by Lukas
Why keep juggling IT providers when you can have it all in one place? In this episode of Don’t Be A Sitting Duck Podcast, we break down The National...
31/01/2025 - DeepSeek AI Warning, Dover’s Cybersecurity Emergency, and 2025 Cyber Priorities
30 Jan 2025
Contributed by Lukas
In today’s episode of Don’t Be A Sitting Duck Podcast, we break down three major cybersecurity developments: DeepSeek AI Privacy Concerns – Aus...
SPECIAL - Take Caution: Cyclone Preparedness for North Queensland Businesses
30 Jan 2025
Contributed by Lukas
With a potential cyclone approaching North Queensland, now is the time to ensure your business is ready. In this special ‘Take Caution’ episode, w...
30/01/2025 - Numberless Debit Cards, CREST Accreditation, and Rising Email Attacks
29 Jan 2025
Contributed by Lukas
In today’s episode of Don’t Be A Sitting Duck Podcast, we cover three critical topics shaping the cybersecurity landscape: Numberless Debit Cards...
29/01/2025 - AI Cyber Threats, Open Security Doors, and PIN Code Weaknesses
28 Jan 2025
Contributed by Lukas
In this episode of the Don’t Be A Sitting Duck Podcast, we unpack three critical cybersecurity stories every business owner needs to know: EU’s C...
SPECIAL - SIM Swapping in Australia: Don’t Let Scammers Hijack Your Life
27 Jan 2025
Contributed by Lukas
SIM swapping is one of the fastest-growing cyber threats in Australia, and it’s hitting closer to home than you think. Scammers are finding ways to ...
28/01/2025 - Cl0p Ransomware, PayPal Fine, and Clutch Industries Cyberattack
27 Jan 2025
Contributed by Lukas
In this episode of Don’t Be A Sitting Duck Podcast, we explore three critical cybersecurity stories making headlines: Cl0p Ransomware Targets Austr...
27/01/2025 - Shady Hosting, Record DDoS Attack, and Subaru’s Connected Car Risks
26 Jan 2025
Contributed by Lukas
In today’s episode of Don’t Be A Sitting Duck Podcast, we explore three critical cybersecurity stories you need to know: Bulletproof Hosting Prov...
24/01/2025 - JB Hi-Fi Data Claims, HPE Breach Investigation, and TikTok Phones on eBay
23 Jan 2025
Contributed by Lukas
In this episode of Don’t Be A Sitting Duck Podcast, we dive into three fascinating cybersecurity stories making waves: JB Hi-Fi Data Breach Claim ...
23/01/2025 - Ransomware Gangs, End-of-Support for Microsoft Exchange, and TikTok Privacy Concerns
23 Jan 2025
Contributed by Lukas
In this episode of Don’t Be A Sitting Duck Podcast, we explore three major cybersecurity stories that every business owner needs to know: Ransomwar...