US hotel chain Marriott may have copped a hefty fine for blocking Wi-Fi hotspots at its hotels, but the practice is set to become more common with the emergence of new solutions enabling other companies to do the same thing
David Braue | 16 Feb | Read more
Major car manufactures are coming up short on security despite racing ahead with new smarts in cars that leave them exposed to remote hacking and privacy threats, according to a new report.
It's hard enough to make sure employees don't walk out the door with your corporate data in hand – but with a growing tide of sentiment suggesting encryption is actually a potential problem,what's a CSO to do?
David Braue | 09 Feb | Read more
Cybercriminals behind a crude but effective campaign to spread malware on Facebook are have tricked thousands of the social network’s users into installing a malicious extension on Google’s Chrome store.
Network attached storage vendor Synology claims to have improved its handling of security issues following last year’s ransomware attacks on its users. CSO Australia and Enex Test Lab put its latest version of DiskStation Manager (DSM) on the new Synology DS1515+ hardware through its paces.
Growing concerns about the security of the evolving Internet of Things (IoT) have elicited a variety of industry responses, the latest being a push by Verizon Enterprise Solutions to scale its digital-certificate creation and management tools to support IoT deployments with tens of millions of connected units.
David Braue | 03 Feb | Read more
Researchers have discovered a serious vulnerability affecting multiple distributions of the Linux OS. While there are patches available the clean up effort is likely to going be a major task for Linux admins.
On the heels of two real Flash Player security updates being distributed by Adobe Systems this week, hackers are spreading a fake update for the media player via a scam on Facebook that has exposed at least 5,000 users to the threat.
Despite being an integral aspect of many, if not most, major attacks, social engineering tactics always seem to go underappreciated by enterprise security teams. However, it's often easier to trick someone into opening an email and exploiting a vulnerability that way, or convincing an unsuspecting assistant to provide a few useful bits of information, than it is to directly attack a web application or network connection.
George V. Hulme | 23 Jan | Read more
Big-name security tools aren't catching anywhere near all of the malware they are presented with, according to the latest lab testing results from Enex Labs, which found during testing in the second half of 2014 that as many as 100 percent of tested malware was making it through the defences of eight popular security tools. The results were corroborated by a FireEye study that found traditional security defences simply are not stopping security breaches.
David Braue | 19 Jan | Read more
Security operations centers (SOC) have been around for a while, stretching back to the old room full of live camera feeds. The intent of a SOC is simple: provide the business with the ability to see what is going on in order to take action if necessary. The level of SOC sophistication varied depending on the risks and infrastructure complexity. Consider the humble stretch of road and an analogy for businesses in the very early days of the internet: In low risk, low traffic areas, it was often not necessary to have a constant additional surveillance of this road. Road rules -- basic perimeter-based network security measures like firewalls -- still applied, but it was considered sufficient for any out-of-the-ordinary incidents to be handled reactively.
Michael Lee | 20 Jan | Read more
US Central Command (Centcom) has dismissed the acts, which saw its YouTube and Twitter accounts briefly fall into the hands of hackers and used to distribute pro-ISIS messages as “cyber vandalism” and said that none of its military servers were compromised during the incident.
Andrew Colley | 14 Jan | Read more
A global effort to improve awareness of mobile-app privacy policies could gain further weight after Apple released new figures confirming that mobile apps continue to be bought and downloaded at record-breaking pace.
David Braue | 09 Jan | Read more
In what has been one of the most momentous years in infosec ever - the Sony hack has topped everything. Although the Sony hack did not impact as many people directly as Apple's "goto: fail" bug or the Heartbleed exploit, the commercial and political ramifications of the attack on Sony have garnered more attention than any other attack - surpassing even the target attack in November 2013.
Anthony Caruana | 25 Dec | Read more
Many senior executives still fail to recognise that information security is crucial to their company's survival and less than one in ten sees poor data security as the greatest risk to their business, according to an NTT Com Security survey released this week.
David Braue | 14 Nov | Read more
.jpg)
As data becomes ever more mobile there's an increased risk that it can fall into the wrong hands. And, while there are many technologies to try and prevent this from happening, or tracking a device down if it's lost or stolen, the ultimate solution to data security is preventing it leaving the storage device in the first place.
Ashton Mills | 14 Nov | Read more
Following yesterday’s take down of online drugs bazaar Silk Road 2.0, European authorities revealed a much wider effort was underway that targeted over 400 dark net sites.
It may have taken nearly two years to complete, but certification of CipherCloud's cryptographic tools to US government FIPS 140-2 requirements is finally set to help the cloud industry overcome many of the obstacles that have hindered its adoption in the past, the company's senior security director believes.
David Braue | 24 Oct | Read more
Security vendor FireEye will ramp up its local recruitment and training as it works to staff new security operations centres (SOCs) that it jointly announced this week with Singapore-based telecommunications concern SingTel through its Optus Australian subsidiary.
David Braue | 10 Oct | Read more
Australia earned the dubious honour of being the country most targeted by phishers – and that's saying something given that it happened in a climate where the overall level of data breaches is continuing to rise. Even malvertising authors were upping their game, digitally signing new samples in an effort to bypass detection by antivirus scanners.
David Braue | 07 Oct | Read more