The balancing act between security and usability is hard to achieve. Inevitably, compromises are made either by system designers or wily users who find ways to circumvent complex rules and processes. But researchers from the University of Pretoria in South Africa have been conducting research and designed a new approach to authentication.
Anthony Caruana | 26 Jun | Read more
Think of the perfect attack like the perfect murder. It must be planned carefully and meticulously then executed systematically and flawlessly. Remember all the small detail in Hitchcock’s “The Rear Window”? No-one would have noticed anything or even missed the victim if it weren’t for Jimmy Stewart, who, with a broken leg had nothing better to do all day than to gaze out his rear window.
Dr Claudia Johnson | 26 Jun | Read more
HP's annual Pwn2Own contest has been run and won. Critical flaws in every major browser, which allowed remote code execution, were found as well as issues with Adobe's Flash and Reader products. Pwn2Own is a hacker contest that runs within the CanSecWest event in Vancouver. Hackers are offered cash prizes as incentives as well as donations of computer hardware and other prizes given to the security researchers.
Anthony Caruana | 15 Mar | Read more
Hackers are adapting distributed denial of service (DDoS) attacks and combining these with social engineering tactics to try and infiltrate banks during 2013, warns Gartner.
Hamish Barwick | 25 Feb | Read more
Enterprise information security in Australia could come under much greater scrutiny with the nation’s Information Commissioner looking to drill down deeply into the details of an organisation’s security practices after a breach.
In this series, Computerworld Australia examines some of the information security threats facing small businesses and larger enterprises today. We’ve looked at [[artnid: 427471|internal negligence|new]] and continue the series by speaking to experts about the problem of social engineering.
Hamish Barwick | 20 Jun | Read more
I had the opportunity to speak at a new security conference last week, Security Threats 2012. I presented on the topic of balancing business benefits with risks in the cloud (more on that later), but the event touched on a wide range of pertinent IT topics, provoking stimulating discussions of some of the most pressing challenges business leaders are facing.
Bernard Golden | 03 Feb | Read more
A decade ago, most viruses and worms were unleashed by curious students, pranksters and punks wanting to see what kind of damage they could inflict. That quickly evolved into criminals and thieves writing most of the malware once they realized money could be made.
George V. Hulme | 05 Jan | Read more
It's been an interesting year for those following information security news. We started the year with the Vodafone breach, one of the largest privacy breaches ever experienced within Australia.
Jarrod Loidl | 13 Dec | Read more
If a company hires us for a social engineering engagement, typically they want us to get in and get to their back-up tapes, or into the data in their document room.
Jim Stickley | 27 Oct | Read more
Jim Stickley got his first computer at age 12, and he was chatting with other computer "nerds" on <a href="http://www.csoonline.com/article/688790/nokia-developer-forum-hacked-still-unavailable">bulletin board sites</a> by the time he was 16. A wannabe hacker, Stickley said his first foray into playing the system was with free codes -- codes that would exclude his phone and computer time from racking up charges that would incur the wrath of his parents.
Joan Goodchild | 27 Oct | Read more
You may now be savvy enough to know that when a friend reaches out on Facebook and says they've been mugged in London and are in desperate need of cash, that it's a scam. But social engineers, the criminals that pull off these kinds of ploys by trying to trick you, are one step ahead.
Joan Goodchild | 27 Sep | Read more
When it comes to social engineering attacks, larger companies attract more of them, and when they are victimized it costs more per incident, according to a survey sponsored by Check Point.
Tim Greene | 22 Sep | Read more
The latest social engineering trick to get victims to open malicious email attachments accuses them of being spammers and threatens to sue them if they don't stop.
Tim Greene | 22 Sep | Read more
Social engineering attacks are widespread, frequent and cost organizations thousands of dollars annually according to new research from security firm Check Point Software Technologies.
Joan Goodchild | 22 Sep | Read more
A group of security researchers based in Egypt have created a tool that will make <a href="http://www.csoonline.com/article/651490/social-engineering-attacks-highlights-from-2010">social engineering</a> easier because it automates the collection of hidden <a href="http://www.csoonline.com/article/print/%1Dhttp://www.csoonline.com/article/497076/5-facebook-twitter-scams-to-avoid">Facebook</a> profile data that is otherwise only accessible to friends in a user's network.
Joan Goodchild | 14 Sep | Read more
The <a href="http://www.networkworld.com/topics/security.html">security</a> company Qualys this week demonstrated how to reverse-engineer a <a href="http://www.networkworld.com/subnets/microsoft/">Microsoft</a> patch in order to launch a denial-of-service attack on <a href="http://www.networkworld.com/topics/windows.html">Windows</a> DNS <a href="http://www.networkworld.com/topics/server.html">Server</a>.
Jon Brodkin | 25 Aug | Read more
Stories about lost wages aren't the only scary things being talked about in Sin City this week. The best security researchers and hackers from around the world have gathered in Las Vegas, and news about their work has been creeping out like a toxic flood.
Christina DesMarais | 07 Aug | Read more
Social engineers have been using various <a href="http://www.csoonline.com/article/480589/9-dirty-tricks-social-engineers-favorite-pick-up-lines">dirty tricks</a> to fool people for centuries. <a href="http://www.csoonline.com/article/596512/social-engineering-techniques-4-ways-criminal-outsiders-get-inside">Social engineering</a>, the art of <a href="http://www.csoonline.com/article/494464/social-engineering-5-security-holes-at-the-office-includes-video-">gaining access to buildings</a>, systems or data by exploiting <a href="http://www.csoonline.com/article/663329/social-engineering-3-examples-of-human-hacking">human psychology</a>, rather than by breaking in or using technical hacking techniques, is as old as crime itself and has been used in many ways for decades.
Joan Goodchild | 26 Jul | Read more
A hacking operation dubbed ‘Night Dragon’ has targeted energy utilities, using tried-and-tested intrusion methods to steal intellectual property related to oil field exploration and bidding plans, according to security company McAfee.
Georgina Swan | 11 Feb | Read more