Fraud is hardly a new phenomenon online, but organisations’ ability to detect and fight it has increased as ever-richer machine learning models help helping experts apply analytic techniques to detect “once in a blue moon” events such as business email compromise (BEC) and high-value financial transfers.
David Braue | 03 Jul | Read more
Web accelerator and CDN provider Cloudflare has become such a critical component of the web that when it goes down, so do many others.
VirusTotal, acquired by Google in 2012, is now again under Google as part of Chronicle's move to Google Cloud.
Over the first 6 months of 2019, I am seeing more and more accounts being taken over by malicious actors on office 365 and google mail where the attacker will create some rules in the backend to redirect emails of interest into deleted items, RSS feeds or any other folder they think may be overlooked by the user.
Craig Ford | 26 Jun | Read more
When it emerged years ago that the mobile phone of German chancellor Angela Merkel
David Braue | 25 Jun | Read more
Cyberattacks emanating from Iran have prompted a warning from US officials to use two-factor authentication.
This article is derived from a random thought I had during a presentation at the AusCERT2019 conference at the end of last month.
Craig Ford | 21 Jun | Read more
On May 13, a major security flaw in the popular messaging app, WhatsApp, was announced. The pervasive vulnerability, which affected both Apple and Android devices, allowed malicious actors to inject commercial spyware by ringing up unsuspecting targets using the WhatsApp’s VOIP-based call function.
Phil Zongo and Darren Argyle, CISM | 19 Jun | Read more
Google beefs up machine learning-powered Safe Browsing tech with human input from Chrome "power users".
Just as many CSOs are focused on automating their organisational threat response, many others are focused on improving their visibility of network traffic – which, with encryption increasingly used to protect legitimate application traffic and obfuscate malware command-and-control (C&C) traffic, has become ever more difficult to do.
David Braue | 14 Jun | Read more
A CEO’s poor password hygiene enabled an escalating series of attacks that capped off a 50-day hacking spree that sent several members of hacking group LulzSec to jail and caused significant financial and reputational damage for companies like Fox News, US broadcasters Fox News and PBS, and Sony’s PlayStation Network.
David Braue | 14 Jun | Read more
Google defends its Manifest V3 Chrome plans amid concerns it is protecting ad revenues.
CISOs in healthcare organisations are working hard to tighten security controls but pervasive issues with user errors, limited staff and financial resources, and a relentless flood of aggressive attacks by data-hungry cyberattackers, are hindering their progress – and even security executives admit they’re not doing anywhere near as good a job as they should be.
David Braue | 12 Jun | Read more
After Apple blocks Titan keys on iOS devices. Bluetooth might not have been such a good idea after all.
And thanks to the European Commission for funding a bug bounty for VLC.
Wow, I have to say a lot happened in the last two days of May 2019. I am not sure where exactly I should start but let's make it simple and start from the beginning – 4:30 am on Thursday the 30th of May.
Craig Ford | 04 Jun | Read more
It’s been over a year since the European Union enacted its GDPR data-privacy legislation – and as experts debate its effectiveness
David Braue | 04 Jun | Read more
iPhone and iPad will be offered an Apple alternative to easy Google and Facebook log in options.
Each year, AusCERT invites information security thought leaders from around the world to learn from each other through dozens of talks and sessions.
Anthony Caruana | 03 Jun | Read more
Armed with possibly the best job title ever given to a security professional - Security Empress - Jessy Irwin took a very non-typical path into the world of cybersecurity.
Anthony Caruana | 31 May | Read more