Blog - Page 20 of 158 - Techbest - Top Tech Reviews In Australia

Government Encourages Vulnerability Research, Notifies Insurers and Non-Profits

Vanessa May on July 30, 2025


We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!

Government Advocates for Vulnerability Research, Notifying Insurers and Non-Profits

Quick Summary

  • The Australian government is enhancing its cyber security strategy, transitioning to horizon two, with an emphasis on browser-level threat mitigation.
  • Possible governmental involvement in the cyber insurance sector to aid small and medium enterprises and non-profit organizations.
  • Conversations on synchronizing cyber regulations to elevate organizational cyber maturity.
  • Focus on data protection as artificial intelligence advances and handles an increasing volume of data.
  • Increased safeguarding and incentives for vulnerability researchers in Australia.
  • Augmented security protocols for non-profits to safeguard sensitive information.

Cyber Security Strategy: Shift to Horizon Two

Development of Australian government cyber security strategy

The Australian government is intensifying its efforts regarding its cyber security strategy, with a transition from horizon one to horizon two, covering the period from 2026 to 2028. This strategy revolves around six strategic ‘shields’ intended to strengthen Australia’s cyber defenses.

Possible Involvement in Cyber Insurance

The federal government is considering intervention in the cyber insurance landscape to make services more attainable for small enterprises and non-profit organizations. While insurance facilitates swift recovery from cyber incidents, accessibility is frequently hampered by financial barriers and technical prerequisites. The government seeks to enhance the availability of these products without disrupting the market.

Regulatory Talk

A discussion is being promoted to evaluate if the existing cyber regulations and compliance legislation have limited the cyber maturity of organizations. The government proposes possible amendments to consolidate these laws and enhance their effectiveness.

Emphasis on Data Transmission

As AI progresses, understanding data movement and access becomes imperative. The government has plans to bolster data security to mitigate risks that come with the rising use of AI across sectors.

Initiatives for Vulnerability Research

Acknowledging the significance of vulnerability researchers as vital assets, the government aims to provide improved protections and incentives for their contributions. This may include the establishment of a vulnerability disclosure program for secure reporting.

Enhancements to Browser-Level Security

In transitioning to a more intricate threat blocking approach, the government will concentrate on browser-level security to supplement current large-scale initiatives. This program intends to boost awareness and uptake of enhanced browser security features.

Fortifying Cyber Security for Non-Profits

Due to their dependence on volunteers and limited funding, non-profits encounter distinct obstacles in upholding cyber security. The government is prioritizing the enhancement of cyber resilience within this domain to secure sensitive data and preserve public confidence.

Conclusion

The Australian government’s advancement to horizon two of its cyber security strategy signifies a major leap forward in bolstering national cyber resilience. By concentrating on enhancing insurance access, regulatory reform, data security, and backing for vulnerability research, the strategy aims to strengthen defenses against emerging cyber threats.

Q&A

Q: What are the primary objectives of Australia’s updated cyber security strategy?

A:

The strategy is geared towards improving cyber resilience through enhanced threat mitigation, better access to cyber insurance, more streamlined regulations, and fortified data security protocols.

Q: In what ways will the government assist vulnerability researchers?

A:

The government plans to provide increased protections and incentives for researchers, potentially through a formal vulnerability disclosure initiative.

Q: What’s the significance of focusing on not-for-profits?

A:

Not-for-profits frequently struggle with resources necessary for adequate cyber security, rendering them susceptible. The government aims to bolster their capacity to secure sensitive data and uphold public trust.

Q: What transformations are anticipated in cyber insurance?

A:

The government might intervene to enhance the accessibility and affordability of cyber insurance for small businesses and non-profits, ensuring broader coverage and protection.

Google’s Gemini CLI Agent Represents a Concealed Malware Risk

Matthew Miller on July 29, 2025


We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!

  • The Gemini CLI agent from Google is prone to executing covert harmful commands.
  • The flaw was uncovered by security researcher Sam Cox.
  • This vulnerability entails inadequate validation, prompt injection, and confusing user experience.
  • Google has updated the status of the vulnerability to Priority 1, Severity 1.
  • Users are encouraged to upgrade to Gemini 0.1.14 for improved protections.
  • Activating sandboxing can thwart the attack, although it is not set as default.

Grasping the Gemini CLI Weakness

The Google Gemini CLI agent, built to connect with Google’s sophisticated AI language model using textual commands, has been identified to possess a critical vulnerability. Detected by Tracebit security researcher Sam Cox, this flaw permits the execution of harmful commands without the user’s knowledge.

The Detection Method

Cox found the vulnerability via a combination of inadequate validation, prompt injection, and misleading user interface. By inserting a prompt within a README.md file—along with a seemingly harmless Python script—Cox illustrated how credentials could be siphoned off using “env” and “curl” commands to a distant server.

Google’s Action Against the Risk

Initially rated as Priority 2, Severity 4, the vulnerability was reclassified by Google to Priority 1, Severity 1 following further investigation. This reassessment emphasizes the risk of major data breaches and unauthorized access.

Recommended User Measures

Users are strongly encouraged to update to Gemini 0.1.14, which offers new protections against shell code execution. Moreover, enabling sandboxing can provide additional defense to systems, though it is not automatically turned on during installation.

Mitigation Techniques

To reduce the threat posed by this vulnerability, users should promptly update their software and activate sandboxing. Sandboxing establishes an isolated environment that can prevent unauthorized code from impacting the host system.

Significance of Timely Updates

Continuous updates and prompt patching are essential for ensuring the safety of software utilities like the Gemini CLI. Users must remain alert and responsive to any security alerts from developers.

Risk posed by the Gemini CLI agent from Google

Conclusion

The Google Gemini CLI agent exhibits a serious security vulnerability that may enable silent operations of malicious commands. Uncovered by Sam Cox, this problem underscores the need for proper validation and thoughtful user interface design in terms of security. Users are advised to upgrade to the latest version and activate sandboxing for system protection.

Questions and Answers

Q: What is the Google Gemini CLI agent?

A: It serves as a text-oriented command interface meant to connect with Google’s AI large language model.

Q: How was the vulnerability identified?

A: The flaw was uncovered by security researcher Sam Cox through a series of improper validations, prompt injections, and a misleading user experience.

Q: What steps should users follow?

A: Users should upgrade to Gemini 0.1.14 and activate sandboxing to protect against possible threats.

Q: Why is sandboxing significant?

A: Sandboxing creates a separate environment that can stop harmful code from impacting the primary system.

Q: How did Google react to the vulnerability?

A: Google updated the classification of the vulnerability to Priority 1, Severity 1 and encouraged users to refresh their software.

Q: Is the vulnerability resolved in the latest edition?

A: The latest edition, Gemini 0.1.14, comprises protections against shell code execution.

Bluetooth Headphones Wireless in-Ear – Bluetooth 5.3 Hi-Fi Stereo Deep Bass Wireless Headphones Noise Cancelling CVC Wireless Earbuds 35 Hours Playtime 13 mm Driver Earphones Waterproof USB C Review

Matthew Miller on July 29, 2025


We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!

Bluetooth Headphones Wireless in-Ear – Bluetooth 5.3 Hi-Fi Stereo Deep Bass Wireless Headphones Noise Cancelling CVC Wireless Earbuds 35 Hours Playtime 13 mm Driver Earphones Waterproof USB C

Bunnings Tests AI Innovations to Improve Operations for 55,000 Staff

Vanessa May on July 29, 2025


We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!

AI Evolution at Bunnings

Brief Overview

  • Bunnings is utilizing AI to gain insights into and develop its workforce of 55,000 staff members.
  • Investment in Workday technology has increased significantly, providing new AI tools like the Skills Cloud.
  • AI is intended to establish clearer career paths and enhance employee retention.
  • Additional resources such as Talent Optimization and HiredScore aid in strategic recruitment.
  • AI chatbots have been introduced for operational inquiries, transitioning Bunnings’ culture towards self-service.

AI-Driven Workforce Development at Bunnings

Bunnings is adopting artificial intelligence (AI) to transform the management and understanding of its large workforce of 55,000 employees. This initiative aims to promote career growth and retain skilled individuals by providing clearer career paths within the organization.

Bunnings investigates AI to enhance employee management

Committing to Technological Progress

At a recent Workday Elevate summit, Jeff Rodway, Bunnings’ Head of Remuneration, People Systems, and Services, emphasized the company’s dedication to a “significant technology evolution” in its people and culture operations. This includes a major boost in investment in Workday, effectively doubling the array of AI tools available.

Central to this movement is the Workday Skills Cloud, driven by AI technology dubbed ‘Illuminate’. While still in its developmental phase, it has already produced promising outcomes in pilot initiatives.

Improving Employee Engagement

Bunnings is leveraging methods like Talent Optimization and HiredScore to ensure current employees are aligned with available positions and to cultivate talent pools for upcoming opportunities. This strategy is anticipated to greatly lessen the time and expenses linked to external recruitment.

Future objectives include incorporating advanced analytical tools such as People Analytics and Prism Analytics to provide deeper insights into the workforce, facilitating data-informed decision-making.

The Rollout of AI Chatbots

Beyond backend solutions, Bunnings is deploying AI chatbots to support employees with operational inquiries. This initiative represents a cultural shift towards self-service, empowering employees to seek information autonomously instead of depending on conventional interpersonal interactions.

Rodway acknowledges that while this transition is considerable, the ultimate aim is to boost operational efficiency and productivity via AI. The emphasis continues to be on fostering a more inclusive atmosphere and making informed management choices.

Conclusion

Bunnings is leading the way in incorporating AI technology into its operations, focusing on enhancing employee development and retention. Through strategic investments in platforms like Workday, Bunnings is improving its recruitment processes while cultivating a culture of innovation and self-service.

Q: What is the primary aim of Bunnings’ AI initiative?

A: The main goal is to better understand and develop the workforce, establishing career pathways and enhancing employee retention.

Q: How is Bunnings employing AI to improve its recruitment process?

A: Bunnings is utilizing resources like Talent Optimization and HiredScore to align current employees with available roles, decreasing the reliance on external hiring.

Q: What impact are AI chatbots having at Bunnings?

A: AI chatbots are transitioning the organizational culture towards self-service, enabling employees to address operational questions independently.

Q: What impact will AI have on Bunnings’ management strategies?

A: AI will facilitate more data-driven and inclusive management strategies, aimed at minimizing hiring times and enhancing operational efficiency.

Is Your Security Approach Ready as AI Enters the Workforce?

David Leane on July 28, 2025


We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!

AI in the Workforce: Transforming Security Approaches

Brief Overview

  • AI is moving from a supportive function to a leading role within the workforce.
  • Conventional identity governance falls short in AI-oriented environments.
  • AI entities with enhanced access levels present serious security threats.
  • Automated, AI-driven identity management is essential for safeguarding security.
  • Leadership must align identity strategies with AI projects.

AI: The New Leader in the Workforce

AI is entering the workforce. Is your security framework ready?

The adoption of Agentic AI in business practices is transforming today’s workforce. As AI evolves from a supportive role into a key player, companies must navigate a substantial change in security and governance frameworks.

The Emergence of Machines and the Decline of Traditional Thinking

Conventional identity governance, focused on human employees, is becoming irrelevant. AI agents are introduced via IT projects without standard protocols, resulting in a rise of poorly governed, excessively privileged non-human identities.

The Human Price, The Risk of Machines

While AI offers improved efficiency, it also brings forth notable security vulnerabilities. AI agents demand enhanced access, thereby enlarging the attack surface that can be targeted by malicious actors. Many businesses, especially in Australia, lack the mechanisms needed to address these risks.

Updating Machine Identity Lifecycle Management

Businesses require AI-enhanced identity lifecycle management to streamline access provisioning and maintain real-time visibility. This strategy is vital for upholding compliance and enforcing security measures in an AI-centric ecosystem.

Leaders Must Embrace This Transformation

The challenge of overseeing AI and human identities goes beyond the IT department. Senior leaders need to work collaboratively across various departments to refresh identity governance and embed it into all AI-related initiatives.

Conclusion

With AI becoming a vital element of the workforce, organisations in Australia must evolve their identity management approaches to lessen security dangers. This entails automating identity lifecycle management and promoting interdepartmental collaboration to excel in the AI-fueled enterprise landscape.

Questions & Answers

Q: Why is conventional identity governance insufficient for AI?

A: Conventional strategies concentrate on human identities and are ill-equipped to manage the swift, extensive arrival of AI agents, resulting in governance voids and security concerns.

Q: What risks do AI agents with enhanced access present?

A: Proper management is lacking, meaning AI agents with elevated access create a broader attack surface, heightening the possibility of exploitation by cyber threats.

Q: How can organisations enhance identity management for AI?

A: Through the adoption of automated, AI-enhanced identity lifecycle management systems that offer real-time insights and uphold least privilege access principles.

Q: What role do leaders play in authority governance for AI?

A: Leaders from different departments must collaborate to weave identity strategies into AI initiatives, guaranteeing thorough governance and security.

Q: In what way does AI integration affect organisational security strategies?

A: The integration of AI necessitates a shift in security tactics to confront the distinctive challenges of managing non-human identities and assuring stringent access control.

Q: Why is a “kill switch” important for AI agents?

A: A “kill switch” enables organisations to instantly revoke access for AI agents that act unpredictably, reducing potential security perils.

Orica Enhances GenAI Features with Now Assist

Nicholas Webb on July 28, 2025


We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!

Orica’s AI Transformation in IT Support

Quick Overview

  • Orica incorporates 20 AI-enhanced capabilities into its IT service desk.
  • The organization recently implemented five new AI use cases using Now Assist.
  • AI workloads now encompass 75% of Orica’s IT support team.
  • Virtual agents’ success rate has doubled since the rollout.
  • Orica has transitioned from a tech-driven to a process-driven AI strategy.
  • ServiceNow Control Tower set to bolster AI scaling and governance.

Orica’s AI Growth in IT Support

Orica, a frontrunner in explosives and blasting systems, is revamping its IT service desk operations with cutting-edge AI functionalities. A year post the integration of ServiceNow’s generative AI suite, the firm has introduced 20 AI-enabled capabilities, recently highlighting five groundbreaking use cases via the Now Assist toolkit.

Orica enhances GenAI capabilities with Now Assist

Success and Adoption Driven by AI

Bradley Hunt, Orica’s DevOps and regional apps manager, underscored the significant influence of AI on the IT support team, with AI now assigning tasks to 75% of the team in the past quarter. During the ServiceNow World Forum in Sydney, Hunt mentioned that the initial strategy was tech-driven, aimed at acquainting staff with AI functionalities.

After joining the early access program for Now Assist, Orica swiftly doubled its virtual agents’ success rate, currently rerouting 94% of effective flows from the service desk. The engagement with AI among IT personnel has surged by 70% over the last six months, enabling roughly 12,000 AI-driven actions each month.

Transitioning from Tech-Led to Process-Led

Orica has effectively moved to a process-led methodology, concentrating on weaving AI into team workflows to optimise return on investment. The organization’s approach includes outlining team processes to locate areas where AI can reduce or eliminate steps, which enhances operational efficiency and governance.

ServiceNow Control Tower for Future Development

Orica is overseeing its AI demand and governance through the ServiceNow platform, acting as a singular source of truth for converting AI concepts into production-ready solutions. CIO Rachael Sandel highlighted the importance of the ServiceNow Control Tower in offering visibility, coordination, and automation to support AI scaling.

“It’s not solely about technology,” Sandel remarked. “It’s about fostering an environment where AI can flourish.”

Conclusion

Orica’s deployment of ServiceNow’s generative AI suite within its IT service desk has significantly enhanced efficiency and adoption rates. With a transition from tech-driven to process-driven approaches, Orica is set to further advance its AI capabilities leveraging the ServiceNow Control Tower.

Q&A

Q: What is Orica’s main objective with AI integration?

A: Orica seeks to improve efficiency and effectiveness in IT support by incorporating advanced AI functionalities.

Q: What has been the effect of AI on Orica’s IT support team?

A: AI has assigned tasks to 75% of the IT support personnel, markedly enhancing workflow and productivity.

Q: What is the forthcoming step in Orica’s AI strategy?

A: The next step involves leveraging the ServiceNow Control Tower for enhanced visibility, coordination, and automation.

Q: How has the adoption of virtual agents evolved at Orica?

A: The success rate with virtual agents has increased, deflecting 94% of effective flows from the service desk.

Q: What does the transition from tech-led to process-led mean?

A: It signifies a focus on integrating AI into workflows to enhance efficiency and ROI, rather than merely implementing technology.