https://www.davehall.com.au/tags/infosec/Recent content in Infosec on Dave Hall ConsultingHugoen-auFri, 10 Dec 2021 00:00:00 +0000https://www.davehall.com.au/blog/2021/12/10/does-github-enterprise-cloud-make-your-organisation-less-secure/Fri, 10 Dec 2021 00:00:00 +0000https://www.davehall.com.au/blog/2021/12/10/does-github-enterprise-cloud-make-your-organisation-less-secure/GitHub’s oAuth scopes could leave organisations vulnerable.https://www.davehall.com.au/blog/2021/02/12/lost-parcel-results-new-website/Fri, 12 Feb 2021 00:00:00 +0000https://www.davehall.com.au/blog/2021/02/12/lost-parcel-results-new-website/When Australia Post lost a parcel, we found a lot of problems with one of their websites.https://www.davehall.com.au/blog/2020/04/01/zooms-make-or-break-moment/Wed, 01 Apr 2020 00:00:00 +0000https://www.davehall.com.au/blog/2020/04/01/zooms-make-or-break-moment/Covid-19 has fuelled massive growth for Zoom. Will this motivate them to fix their security problems?https://www.davehall.com.au/blog/2015/05/15/leaking-information-drupal-urls/Fri, 15 May 2015 00:00:00 +0000https://www.davehall.com.au/blog/2015/05/15/leaking-information-drupal-urls/Update: It turns out the DA was trolling. We all now know that DrupalCon North America 2016 will be in New Orleans. I’ve kept this post up as I believe the information about handling unpublished nodes is relevant. I have also learned that m4032404 is enabled by default in govCMS. When a user doesn’t have access to content in Drupal a 403 forbidden response is returned. This is the case out of the box for unpublished content.