Despite being an integral aspect of many, if not most, major attacks, social engineering tactics always seem to go underappreciated by enterprise security teams. However, it's often easier to trick someone into opening an email and exploiting a vulnerability that way, or convincing an unsuspecting assistant to provide a few useful bits of information, than it is to directly attack a web application or network connection.
George V. Hulme |
23 Jan |
Read more
A hacker, said to be an Australian, may be one of the key members behind the Ukrainian separatist hacking group that claimed responsibility for attacks on German government websites earlier this month.
Liam Tung |
21 Jan |
Read more
Weeks after the Chinese government blocked Gmail, some Outlook users in the country have reported suspicious attempts to intercept their email and passwords.
Liam Tung |
20 Jan |
Read more
Big-name security tools aren't catching anywhere near all of the malware
they are presented with, according to the latest lab testing results from
Enex Labs, which found during testing in the second half of 2014 that as
many as 100 percent of tested malware was making it through the defences of eight popular security tools. The
results were corroborated by a FireEye study that found traditional
security defences simply are not stopping security breaches.
David Braue |
19 Jan |
Read more
Carberp, a banking trojan that recently hit over 150,000 Australian PCs, is taking a second bite at Australia through spam email loaded with malware.
Liam Tung |
16 Jan |
Read more
Marriott International has promised not to block personal wifi hotspots at its hotels after Google and Microsoft weighed in against a bid by hotels seeking permission to do so in order to “secure” their network — a practice it was fined $600,000 for last October.
Liam Tung |
16 Jan |
Read more
Security operations centers (SOC) have been around for a while, stretching back to the old room full of live camera feeds. The intent of a SOC is simple: provide the business with the ability to see what is going on in order to take action if necessary. The level of SOC sophistication varied depending on the risks and infrastructure complexity. Consider the humble stretch of road and an analogy for businesses in the very early days of the internet: In low risk, low traffic areas, it was often not necessary to have a constant additional surveillance of this road. Road rules -- basic perimeter-based network security measures like firewalls -- still applied, but it was considered sufficient for any out-of-the-ordinary incidents to be handled reactively.
Michael Lee |
20 Jan |
Read more
Just like the iPhone, Apple Watch will have a four digit passcode that users will need to type in before Apple Pay can be used for payments.
Liam Tung |
14 Jan |
Read more
A high-profile hack by terrorist group ISIS has reinforced the importance of new high-level cybersecurity initiatives that have won support from retail and banking leaders as US president Obama prepares to deliver his annual State of the Union address next week.
David Braue |
13 Jan |
Read more
Educators like to talk about the importance of teaching coding to students, but the network security protocols in place on some UK school networks are holding them back, according to some reports. No word on whether those same protocols will do much to stop the use of a new, free tool that automates the process of phishing for Wi-Fi passwords on open networks.
David Braue |
12 Jan |
Read more
A global effort to improve awareness of mobile-app privacy policies could gain further weight after Apple released new figures confirming that mobile apps continue to be bought and downloaded at record-breaking pace.
David Braue |
09 Jan |
Read more
Hotels, restaurants and other hospitality organisations are letting down consumers with inadequate security mechanisms that could expose users to malware or data theft, a new survey of hospitality networks has found.
David Braue |
09 Jan |
Read more
The OpenSSL project has kicked off the new year with fixes for handful of bugs that fortunately are not as disastrous as Heartbleed or POODLE.
Liam Tung |
09 Jan |
Read more
Despite a few security hiccups, Apple's OS X and iOS platforms have been generally very secure. While all users are potentially vulnerable to phishing attacks and identity theft, Apple's platforms have been solid. But that seems to be changing with the identification of a flaw in Apple's Thunderbolt ports that can used to write custom code into the Mac's boot ROM.
Anthony Caruana |
08 Jan |
Read more
Security experts are likely to remain unsatisfied with an explanation by the Federal Bureau of Investigation’s boss as to how they linked North Korea to the attacks on Sony.
Liam Tung |
08 Jan |
Read more
The Tor Project said on Friday that the online anonymity network may go dark in coming days due to an attempt to incapacitate it.
Liam Tung |
22 Dec |
Read more
Check Point® Software Technologies Ltd. today released its findings of Misfortune Cookie, a critical vulnerability that allows an intruder to remotely take over a residential gateway device and use it to attack the devices connected to it.
CSO staff |
19 Dec |
Read more
European companies in the business of selling spyware and exploits to international governments and law enforcement will need a special licence from 31 December 2014
Liam Tung |
19 Dec |
Read more
Researchers have found over 60 Android ROMs for Coolpad smartphones have a backdoor that gives the Chinese handset maker full control over devices, including the ability to send fake over the air update messages.
Liam Tung |
18 Dec |
Read more
Cybercriminals behind the TorrenLocker malware may have earned as much as $585,000 over several months from 39,000 PC infections worldwide, of which over 9,000 were from Australia.
Liam Tung |
17 Dec |
Read more
