This interactive session will bring you and your peers up to date on the latest in credential management, and its role in containing security risks that you may not even know about.
Google widens its push for all websites to enable encrypted connections with a new approach to HTTPS Strict Transport Security (HSTS).
Infected CCleaner planted backdoor in computers at Microsoft, Intel, Samsung and other tech giants.
Penetration testing often uncovers the same vulnerabilities over and over again while leaving other avenues of compromise wide open, a ‘red-team’ hacker has warned while reporting that his firm is still seeing “great success” using malware techniques and social engineering to compromise “complacent” firms that would seem to be following security best practices on paper.
David Braue | 20 Sep | Read more
Growing Australian demand for security tools meant “the time is right” for New Zealand security firm RedShield to jump into Australia on its way to a full-fledged global presence, the company’s founder has said as it announces an Australian distribution partnership for tools designed to insulate businesses from exposure to known vulnerabilities.
David Braue | 29 Aug | Read more
All the security defences in the world are worth nothing if employees compromise them
David Braue | 21 Jul | Read more
"Code reuse is vulnerability reuse", warns security firm after finding critical flaw in a third-party code library.
Google puts developers who abuse Android permissions on notice.
Ransomware sweeps the globe with the same exploit as WannaCry but is better designed.
Malware writers have come up with a novel way to install malware from Office that doesn't rely on tricking users to enable macros.
Any company operating a multi-storey office building would develop painstaking fire escape plans, and any hospital would develop backup plans detailing how it could operate in the event of a power failure. So, if responsible businesses are actively addressing these risks, why are so many companies still failing to lay down detailed plans for dealing with a cybersecurity incident?
David Braue | 08 Jun | Read more
Nearly all security executives anticipate being attacked online this year but nearly half believe their cybersecurity team lacks the resources to address anything beyond simple security issues, according to new ISACA research that reinforces the growing risks posed by an increasingly-expensive cybersecurity climate.
David Braue | 07 Jun | Read more
The story of how Samy Kamkar made his reputation in information security is the stuff of legend. After getting his first computer as a ten year old, he started exploring the Internet through message boards, IRC, gaming and creating hacks and cheats for the games, before moving on to other forms of online activity.
Anthony Caruana | 01 Jun | Read more
Hackers once again use legit Apple Developer ID to sign malware for Mac computers.
Apple races out a patch for a iOS devices that likely also affects Samsung's Galaxy S7 and a number of other Android smartphones too.
A widely publicised security breach two years ago was “probably the most valuable thing that could have happened” to rapidly growing business collaboration vendor Slack, the company’s chief security officer has said as the company steadily pushes towards its highly anticipated IPO.
David Braue | 22 Mar | Read more
The confluence of new technologies is set to help businesses move away from password-based authentication towards a more-secure, less-invasive approach that relies heavily on behavioural monitoring and a range of inputs from smartphones and other devices.
David Braue | 22 Mar | Read more
With the CSO Perspectives roadshow in full swing this month – with sessions still to come in Brisbane, Sydney, and Wellington – security practitioners across Australia were treated to insights from black-hat turned white-hat hacker Mark Loveless and concerns about problems such as the dangerous world of the Internet of Things (IoT).
David Braue | 21 Mar | Read more
IBM has rolled out its Watson cognitive capabilities to do battle with rival enterprise mobile device management (MDM) platforms.
The US Government has warned organizations to take extra precautions when using TLS inspection software due to widespread problems with certificate validation.