AusCERT 2012: Flash drive problem — even deleted data can leak
Securing data on Flash media is harder than most people believe, Peter Jamieson of UL subsidiary Witham Laboratories, told AusCERT delegates.
Richard Chirgwin | 18 May | Read more
Securing data on Flash media is harder than most people believe, Peter Jamieson of UL subsidiary Witham Laboratories, told AusCERT delegates.
Richard Chirgwin | 18 May | Read more
Salt Group principal Ross Oakley has told AusCERT delegates that the 20-year life cycle of token-based authentication is drawing to a close. “They managed the risks of the day,” he said, but “business flexibility, a much more hostile risk landscape, and demanding end users” are driving the change.
Richard Chirgwin | 18 May | Read more
SCADA system managers need to learn to better understand the world of cybersecurity, rather than rely on a misplaced faith in “air gaps” for protection, says Eric Byres, VP and CTO of engineering of Tofino Security.
Richard Chirgwin | 18 May | Read more
Eugene Kaspersky has reiterated his long-standing support for Internet IDs, and called for all SCADA systems to be redesigned around a secure operating system, to protect critical infrastructure from cyber-attack.
Richard Chirgwin | 18 May | Read more
Social networking operators like Facebook and Twitter need to consider themselves much more vulnerable to attacks – not because they are more vulnerable or more attractive to criminals than previously, but because of the entry of the state as an actor in security threats.
Richard Chirgwin | 18 May | Read more
Perhaps it’s because of the thematic thread that I’ve been following at AusCERT today – along with some of the people I’ve spoken to during the course of the conference – but its hard to escape the conclusion that the “Internet of Things” will create a host of new attack vectors that will probably only become clear after we have enthusiastically adopted a new technology: that’s the way it always goes.
Richard Chirgwin | 17 May | Read more
Spying might have a long and sensationalised image in pop culture, Sense of Security’s Murray Goldschmidt says, “it’s not so enjoyable when the spying is on you”.
Richard Chirgwin | 17 May | Read more
At the very best, Android security is so difficult and runs into so many interactions that it may not be solvable, according to Tim Vidas, who looked at the question at AusCERT.
Richard Chirgwin | 17 May | Read more
Organised ‘hacktivist’ attacks from groups like Anonymous can be mitigated and defended against, Tal Be’ery of Imperva has told delegates to AusCERT. However, companies that might be targets for such attacks need to understand that hacktivists are no longer primarily concerned at launching a DDoS against their target site.
Richard Chirgwin | 17 May | Read more
The company’s John Leisoboer told AusCERT delegates yesterday that the pilot network will test its capabilities over a 500 Km link from NASA Ames to the JPL in Pasadena.
Richard Chirgwin | 17 May | Read more
Intrusion detection systems’ “needy and noisy” behavior is aligning with a serious, ongoing skills shortage in IT security to turn the IDS into a box that generates alerts which are largely ignored, he told delegates to AusCERT.
Richard Chirgwin | 16 May | Read more
The first is that the delegates don’t seem to have seen it this way. Nobody seemed to doze off early this afternoon after even the third session with a predominantly legal focus (Nick Abrahams of Norton Rose following Bill Caelli following Robert Clark).
Richard Chirgwin | 16 May | Read more
Slowly changing attitudes in the government and private sector are contributing more to inhibiting the growth of cloud computing than any real risks posed by laws such as America’s Patriot Act, according to IT lawyer Nick Abrhams.
Richard Chirgwin | 16 May | Read more
The legal black hole of Internet security is hampering efforts to respond to attacks, according to Emeritus Professor Bill Caelli of Queensland University of Technology.
Richard Chirgwin | 16 May | Read more