Google’s G Suite gets new dashboard to spot new threats
Google offers a G Suite customers a central place to manage and monitor security threats and adjust security settings.
Social Engineering — News
OnePlus customers hit by card fraud after buying phones on oneplus.net
OnePlus investigates a possible card breach after customers report fraudulent charges on cards used to recently purchase OnePlus phones online.
Oracle WebLogic hackers pick Monero mining over ransomware
A WebLogic exploit is proving popular with criminals who free ride off company servers to mine the cryptocurrency Monero.
Microsoft: Even after Meltdown, Windows patches won’t install if your antivirus isn't fully compatible
Microsoft turns up the heat on misbehaving antivirus in the wake of Meltdown and Spectre.
The holidays in security: A New Year’s headache that nobody asked for – but everybody suffers
If the world’s IT community wasn’t already nursing headaches from their New Year’s celebrations – and the anticipation of a year in which cybercriminals are set to get even smarter about their attacks – things got worse quickly with the announcement of two security flaws that stem from issues in the hardware of Intel and other microprocessors built into billions of computers and mobile devices.
David Braue | 09 Jan | Read more
2017: the year cybercrime made the world sit up and take notice
This was the year that cybersecurity hit the mainstream – and cybercriminals showed the world they’re not kidding around.
David Braue | 31 Dec | Read more
Five Romanians arrested in Cerber and CTP-Locker ransomware bust
The law catches up with affiliates in one of the biggest ransomware-as-a-service operation, but the ransomware's developer remains at large.
The week in security: You’ve just been breached. Do you know what to do?
Are you prepared for a security breach?
David Braue | 18 Dec | Read more
How one healthcare data provider boosted its security health
For an organisation whose entire business revolves around the trafficking of healthcare data, the need for information security is hardy a revelation.
David Braue | 06 Dec | Read more
UK’s NHS spends $35m on new security ops centre in response to WannaCry
The UK steps up threat intelligence and support after WannaCry revealed weaknesses in healthcare.
Are Australian companies putting too much faith in security AI, too soon?
Security analysts have long spruiked the benefits of automation, artificial intelligence (AI) and machine learning (ML) – but with Australia racing towards security automation at world-beating pace, one security expert has warned potential adopters to maintain healthy scepticism and a commitment to continuous process improvement.
David Braue | 09 Nov | Read more
Australian companies kicking security own-goals as military data theft highlights escalating cyber risk
Revelations that 30GB of sensitive Australian military data were exfiltrated from a subcontractor have underscored the risk faced by Australian companies that continue to leave themselves exposed by failing to employ “established and relatively straightforward cyber security measures”, the federal government’s peak cybersecurity body has warned as new data points confirms that local businesses are seeing increasing losses to cyber-attackers.
David Braue | 06 Nov | Read more
Phishing frenzy: vendors backdoor phishing kit they sell
Study of phishing kit ecosystem phishers feeding off each other.
How Australia Post’s cybersecurity educators beat the 8-second attention span
Contextualise education campaigns to convince employees why they should care
David Braue | 31 Oct | Read more
Your passwords are too short, police warn as Stay Smart Online Week prompts user education
Victoria Police has raised the bar on password security for Australian consumers to dizzying heights, marking Stay Safe Online Week with an exhortation for users to use passwords with at least 16 characters in them and to rely on 2-factor authentication for bank accounts, social media, and online payments.
David Braue | 12 Oct | Read more
Equifax says 15.2m UK records exposed in hack
UK breach nearly twice as big than first thought.
The week in security: SMBs struggle on skills as critical Dnsmasq bug exposes infrastructure, IoT
Small and medium businesses are struggling to keep up with their need for security specialists.
David Braue | 09 Oct | Read more
CSO Live Webinar: If you can’t control users’ cloud apps, your data is as good as lost
This interactive session will bring you and your peers up to date on the latest in credential management, and its role in containing security risks that you may not even know about.
Medical, consumer device makers are trying, at least, to improve IoT security: consultant
Manufacturers of medical devices and other Internet of Things (IoT) tools are increasingly seeking help to review and secure their source code, according to an Australian security consultancy that will soon hold a formal ‘hack day’ in which its researchers will each try to compromise a different IoT device.
David Braue | 28 Sep | Read more
Pen-testing may pacify auditors, but it won’t stop hackers from taking your data
Penetration testing often uncovers the same vulnerabilities over and over again while leaving other avenues of compromise wide open, a ‘red-team’ hacker has warned while reporting that his firm is still seeing “great success” using malware techniques and social engineering to compromise “complacent” firms that would seem to be following security best practices on paper.
David Braue | 20 Sep | Read more