Big businesses may spend more on security but their complexity makes them easier to hack, a former teenage hacker told an audience of big-business CSOs in opening up a day of insights at CSO Australia’s SecurIT conference this month.
David Braue | 14 Jun | Read more
A CEO’s poor password hygiene enabled an escalating series of attacks that capped off a 50-day hacking spree that sent several members of hacking group LulzSec to jail and caused significant financial and reputational damage for companies like Fox News, US broadcasters Fox News and PBS, and Sony’s PlayStation Network.
David Braue | 14 Jun | Read more
A look at mobile spyware that family and partners use on each other.
Despite efforts by both the government and private sector, data breaches continue to rise. What’s going wrong? Australia has neglected one big factor in its battle to prevent breaches: data masking.
Richard Gerdis, Delphix | 13 Jun | Read more
Google defends its Manifest V3 Chrome plans amid concerns it is protecting ad revenues.
They may have exfiltrated personal data by different means, but this week’s successful compromise of Westpac’s PayID service highlights the continuing threat faced by organisations whose business relies on collecting large volumes of sensitive information.
David Braue | 06 Jun | Read more
There's growing concern the recently disclosed Bluekeep flaw could turn into a disaster scenario.
Wow, I have to say a lot happened in the last two days of May 2019. I am not sure where exactly I should start but let's make it simple and start from the beginning – 4:30 am on Thursday the 30th of May.
Craig Ford | 04 Jun | Read more
It’s been over a year since the European Union enacted its GDPR data-privacy legislation – and as experts debate its effectiveness
David Braue | 04 Jun | Read more
iPhone and iPad will be offered an Apple alternative to easy Google and Facebook log in options.
What do you get when you combine hacking tools that are easy to access, a treasure trove of stolen user credentials, user authentication that's so complex it practically begs to be bypassed and companies that make connected devices with little understanding of what they're doing and even less or an idea of how to fix the mess they've made?
Anthony Caruana | 31 May | Read more
Imagine this. You've been hired to run a company's cybersecurity team and discover that your team is under-resourced.
Anthony Caruana | 31 May | Read more
The employment market is hungry for “future focused” executives with the ability to manage cybersecurity risk at the board level, according to a recent jobs market update that also found employers put a premium on executives who understand the need to continually test systems through regular red-teaming and penetration testing.
David Braue | 29 May | Read more
The European Union’s tough privacy laws may have gathered momentum as they head into their second year, but one compliance specialist warns that the Australian government needs to take the initiative to motivate Australian companies that are still coming to grips with the legislation and don’t realise its potential impact on their businesses.
David Braue | 28 May | Read more
Microsoft brings its Windows 10 security tech to enterprise running multi-browser environments with Chrome, Edge, and Firefox.
Passwords are an archaic and painful way for users to securely authenticate themselves. They are one of the biggest issues that security teams need to deal with in an enterprise, they are constantly stolen or cracked due to user poor security practices.
Craig Ford | 27 May | Read more
GitHub offers new features and security enablers to help developers and enterprise securely adopt open source workflows.
Cybercriminals are increasingly targeting senior business executives directly as they look for new ways to navigate technological and human defences, according to a detailed analysis of data breaches from 2018.
David Braue | 23 May | Read more
Google reveals it was not properly protecting some G Suite user passwords for the past 14 years.
Improving attention and retention rates may have shown that humour is a better training tool than fear, but a security-training pioneer believes the two will come together productively as cyber insurers crack down on training and impending ‘Phishing 2.0’ features allow CISOs to engage with employees the second they click on a malicious link or attachment.
David Braue | 22 May | Read more