The RSA security conference in the US was on, bringing information-security professionals from around the globe – and pundits onto the stage (check out our photo gallery here). The head of RSA told security professionals they needed to get rid of old mindsets when considering security, while an expert panel concluded that giving encryption keys to the US National Security Agency (NSA) was a bad idea; other experts said a proposed key-escrow plan it just wouldn't work.
David Braue |
27 Apr |
Read more
Advertisements placed in Web sites and mobile applications using ad networks and exchanges are four times as likely to have malware than those sourced directly from publishers, according to an analysis of advertising malware and safety that also found Australia's rate of ad fraud is lower than that in comparable European countries.
David Braue |
25 Apr |
Read more
Loud music, a spectacular video presentation and an auditorium full of info sec professionals. It’s that time of the year - the opening of RSA Conference.
Anthony Caruana |
22 Apr |
Read more
Potentially millions of WordPress websites may be exposed to hackers through a flaw that has seeped into multiple plugins through unclear recommendations in official WordPress documentation.
Liam Tung |
21 Apr |
Read more
As if it wasn't enough that security staff were playing a continuous game of catch-up – investigating an average of 1.5 security breaches per week even as research reveals institutional investors don't believe company boards have the security threat under control – it turns out Australians' world-leading love of social media has made us world-leading targets for ransomware purveyors and malware criminals that are using extremely complex techniques against us.
David Braue |
20 Apr |
Read more
Cybercriminals are improving their game so rapidly and effectively that mainstream malware is showing the kind of sophistication previously only seen in nation-state attacks – and Australians are the world's most accommodating victims, a senior security researcher has warned.
David Braue |
16 Apr |
Read more
Public-sector organisations suffered by far the most security incidents but had proportionally the fewest out of 20 surveyed industries in which data was confirmed lost, Verizon has found in a major data-breach report that also concluded security teams have less time than ever to act against new attacks.
David Braue |
15 Apr |
Read more
Resource-stretched CSOs were forced to investigate an average of 1.5 security incidents every week last year and lost significant amounts of time playing catch-up with ever-nimbler cybercriminals, a survey of IT and security professionals has found.
David Braue |
15 Apr |
Read more
Apple has released a massive security update with iOS 8.3, with fixes for flaws in everything from the keyboard to the kernel. But the company doesn’t appear to be following Mozilla’s and Google’s moves to distrust a Chinese certificate authority.
Liam Tung |
09 Apr |
Read more
A new feature in Android keeps your passcode protected smartphone unlocked when it’s on your body — a move that reduces the hassle of typing a passcode but also leaves devices exposed to muggers.
Liam Tung |
24 Mar |
Read more
Nearly 3 out of 4 businesses have experienced an information-security incident over the last year due to the actions of employees, ex-employees, contractors or partners, new research from security vendor Clearswift has found.
David Braue |
20 Mar |
Read more
Security practitioners have so many potential security frameworks to choose from that their effectiveness is being compromised as companies spend too much energy focused on achieving compliance rather than maintaining it, industry experts have warned.
David Braue |
20 Mar |
Read more
Researchers have found 13 apps on Google Play that foist unwanted advertisements to Android devices, making it the fourth time Google has removed adware from its store in three months.
Liam Tung |
19 Mar |
Read more
It is impossible to discuss the recent debate around data retention in Australia without eventually coming back to information security -- encryption, the secure storage of digital records, and meta data are just some of the topics that are traditionally security issues. However, they are the same issues that have been addressed time and time again in the private sector.
Michael Lee |
18 Mar |
Read more
Google has added humans to its app review process to weed out malware, sexually explicit content and other violations, and has tightened its content rating system.
Liam Tung |
18 Mar |
Read more
Verizon will leverage its local cloud capabilities and a growing portfolio of on-network security services to meet growing cloud demand across key Asia-Pacific geographies, the company's local head has said as the company took the wraps off of the Australian instance of its Verizon Cloud platform this week.
David Braue |
17 Mar |
Read more
The importance of the human element in information security is sometimes lost amongst all the discussion about new technologies, but the usage of insecure email services by former US secretary of state Hilary Clinton has brought the issue into fine focus after it was revealed that her email remained unencrypted and unauthenticated for three months. Indeed, despite years of user education experts continue to warn that the 'human firewall' is continuing to suffer from significant weaknesses.
David Braue |
17 Mar |
Read more
Pinterest, the company that lets users pin the web, has switched on HTTPS for its website and launched a bug bounty with Australian-born crowdsourcing platform Bugcrowd, which has landed $6m in VC funding.
Liam Tung |
17 Mar |
Read more
The majority of companies handling personal financial details are failing to meet their obligations to adequately protect those details under compliance with Payment Card Industry Data Security Standards (PCI DSS) requirements, a scathing evaluation of ongoing compliance by Verizon has found.
David Braue |
12 Mar |
Read more
For all the talk about the importance of new security technologies, the importance of staff buying into corporate security strategies is often underestimated. In every case, the predictable result is the same: a strong technological barrier whose effectiveness is immediately compromised once a legitimate user, with legitimate access to internal resources, clicks on a phishing email designed to load malware onto their computer.
David Braue |
12 Mar |
Read more