Listen "Securing REST API Endpoints (or How to Avoid Another Optus) with James Cooper"
Episode Synopsis
Unless you have been living in a cave on Mars with your eyes shut and your fingers in your ears for the past few weeks, you have probably heard something about a data breach at Australian telecommunications giant Optus.
As security mistakes go, the vulnerability reported to have enabled the attack leans toward the more embarrassing side of the scale. If reports are true, Optus has effectively exposed customer data on an endpoint available to the entire internet.
While it is plausible that a developer will forget to (re)secure an endpoint once they finish their development work, there are multiple practical steps you can take to catch or mitigate the problem.
More episodes of the podcast The Cosive Podcast - Cyber Threat Intelligence and Security Operations
Becoming a FIRST.org Member (Forum of Incident Response and Security Teams) with Terry MacDonald
26/08/2025
CTI-CMM: Improving Cyber Threat Intel Maturity with Colin Connor, Terry MacDonald & Prescott Pym
27/05/2025
Threat Sharing Communities with Prescott Pym
01/04/2025
Securing Medical Devices with Emily Etchell
19/10/2023