Verizon: malware turned a university’s soda machines into a botnet that downed its own network
An alleged malware incident serves as reminder that IoT changes how security risks need to be assessed.
Health — News
The week in security: ASD updates security best-practice guidelines as invisible malware looms
The Australian Signals Directorate updated its widely-cited cybersecurity guidance with four new policies for improving overall security, helping set the stage for greater government cybersecurity engagement with businesses that are likely to soon face breach-notification laws.
David Braue | 13 Feb | Read more
Addressing IoT’s endpoint risks will help businesses build security that’s usable and effective
Businesses may be actively pursuing new opportunities to leverage new devices and cloud services, but many are struggling to protect their technological investments with security frameworks that also offer better business outcomes.
David Braue | 13 Feb | Read more
A new gadget can give phones a self-destruct option
Smartphones that randomly self-destruct are bad on self-destructs on demand? That could be useful.
Malwarebytes, Upguard and Cisco the latest to tap into buoyant Australian security market
Australia’s burgeoning cybersecurity market continues to attract investment as security vendors ramp up their local presence to woo businesses searching for increasingly sophisticated malware solutions.
David Braue | 09 Feb | Read more
Cybersecurity is IT auditors’ #1 concern as they struggle to get involved earlier, more deeply
Integration of new technologies is seen as less of a challenge than it was in the past but IT security concerns are increasing dramatically, according to a review of IT auditing best practice that has also found that risk management of third parties is rising rapidly.
David Braue | 09 Feb | Read more
Watch out for augmented cyber reality in 2017, warns EU security agency
Europe's top infosec body warns that fake tech news could be used distract the public from an attack with real consequences.
CSOs’ to-do lists expanding as new ASD security guidelines herald breach-notification revival
The Australian Signals Directorate (ASD) is so confident of the efficacy of expanded cybersecurity guidance that it is offering to engage with businesses if the measures fail to stop a security breach – which will offer them support before, during, and after the mandatory notification that would be triggered under breach-notification laws that were revived in Parliament this week.
David Braue | 08 Feb | Read more
ACCS: Telco security reforms could push deeper than metadata regime
One of Australia’s premier academic cyber security think tanks has cautioned the federal government that its proposed new telecommunications networks security reforms need stronger oversight provisions.
Andrew Colley | 08 Feb | Read more
The week in security: As Trump ban hits tech, researchers ask: why are humans so bad at security?
US president Donald Trump’s controversial travel ban had security executives seriously concerned, even as the new leader prepared and then delayed the signing of a far-reaching order around government cybersecurity.
David Braue | 06 Feb | Read more
Insecure healthcare organisations don’t even know they’re being hacked, experts warn
Convergence of operational and clinical networks, confounded by a systemic lack of action around information-security controls, are crippling the Australian healthcare industry’s data protection efforts and signal looming problems with a compliance regime based on higher visibility of data breaches, security specialists have warned.
David Braue | 03 Feb | Read more
Data visualisation suggests OAIC will closely monitor breach-notification rampup
A new data-analytics driven portal, launched this week by the Office of the Australian Information Commissioner (OAIC), will support the introduction of breach-notification laws by ramping up the visibility of information related to data breaches and investigations within Australian businesses.
David Braue | 03 Feb | Read more
Dangerous hole found in McAfee ePO antivirus central management suit
A McAfee tool for managing antivirus in the enterprise can be hacked by anyone on the web.
As governments review security exposure, secure unified workspaces lead the way for business
With Australia’s prime minister recently outlining details of nation-state cybersecurity breaches and the US president launching an aggressive push to review and upgrade his government’s information security, data security’s profile has never been higher. And as governments reposition themselves for an age of open cyberwarfare, businesses of all sizes must follow their lead by ensuring that enterprise applications, mobile, and cloud services are wrapped in a layer that can deter compromise and protect sensitive data throughout its lifecycle.
David Braue | 03 Feb | Read more
Patch “severe” WordPress REST API bug now, warn experts
Security experts are warning WordPress users to patch now if they didn't apply last week's update, which contained a hidden fix for a remotely code execution bug.
Over-reliant on cloud security, app-loving SMBs must bolster management: F5
Small and medium businesses (SMBs) are putting too much faith in the security of cloud platforms and need to make sure they tighten application and data-security protections while making the shift, a security expert has warned on the back of a survey suggesting that application-service rollouts are continuing to pick up despite a lack of skills to protect them.
David Braue | 01 Feb | Read more
UK researchers get £1.1m to answer why humans keep failing at cybersecurity
Can personalized lessons aimed at helping people do security better prevent them becoming victims of cybercrime?
Facebook wants to kill account recovery security questions
Facebook's new tool won't kill passwords, but it could be a better way to recover a hijacked account than security questions and account recovery links.
The week in security: Trump’s tweeting raises security concerns; half of SMBs just pay ransomware fees
Australian consumers are still pretty poor at securing their information but those same consumers are unforgiving of businesses that do the same, a new study suggests. Similarly, breaches of online megalith Yahoo had caused its acquisition by Verizon to be pushed back, reports suggested.
David Braue | 30 Jan | Read more
Consumers lax on data security but unforgiving on businesses that are breached
Looming breach notification laws could strain customer loyalty by forcing businesses to admit that they have failed to live up to the expectations of the 70 percent of customers that expect businesses to protect their data, according to one new study.
David Braue | 25 Jan | Read more