Australian customers may be happy that Microsoft has finally turned on Australian presences for its Azure cloud service, but some are warning that planned cloud adopters need to be careful not to be over-reliant on the company's internal security measures.
David Braue | 30 Oct | Read more
Microsoft has detected a huge spike relatively new member of malware that encrypts victims’ files until payment is delivered.
Organisations wondering whether data-security efforts are worth the effort will no doubt find motivation in new research that found consumers are more concerned about the security of their credit-card information than they are about their health or their retirement savings.
David Braue | 28 Oct | Read more
Security pundits were poring over Apple's new Yosemite operating system, with some noting that the revised Spotlight service was sharing search terms by default; Apple responded by arguing that the Spotlight Suggestions feature was in fact not violating user privacy, even as other onlookers warned that Yosemite's version of TextEdit would upload unsaved TextEdit document to the company's iCloud service.
David Braue | 28 Oct | Read more
If you’re using Apple’s latest desktop OS, Yosemite, you might want to adjust your iCloud settings to avoid unsaved documents ending up on Apple’s servers.
Australian security company Senetas is eyeing new government and commercial contracts after announcing this week that its encryption technologies had been certified to NATO security standards.
David Braue | 25 Oct | Read more
It may have taken nearly two years to complete, but certification of CipherCloud's cryptographic tools to US government FIPS 140-2 requirements is finally set to help the cloud industry overcome many of the obstacles that have hindered its adoption in the past, the company's senior security director believes.
David Braue | 24 Oct | Read more
Developers that use an Amazon Web Service (AWS) identity service called Cognito can now let users sign in to their apps with their Salesforce credentials.
Back in July 2001 two security researchers, Marc Maiffret and Ryan Permeh from eEye Digital Security, discovered the Code Red worm - a piece of malware that targeted Microsoft's IIS software and propagated wildly until it was stopped. It was followed by more vulnerabilities and threats until Microsoft was forced to launch its Trustworthy Computing initiative in 2002.
Anthony Caruana | 24 Oct | Read more
The ongoing scourge of ransomware and a persistent lack of knowledge around proper security procedures are helping drive strong growth for Dell SecureWorks in Australia and the Asia-Pacific region, according to the head of the company's regional security operations.
David Braue | 23 Oct | Read more
With Android 5.0 or Lollipop, Google has put in place a framework for improving the security of Android apps.
Some 100,000 photos taken from Snapchat users weren't the service's fault, although some observers were seizing on the leak to argue for an improvement in security by Snapchat and other online services. Ditto Dropbox, which was also denying it was to blame after hackers published what they claimed were excerpts from 7 million Dropbox credentials; the cloud-storage giant blamed a third-party service for the leak, but security experts were still using the event to push their case for users to adopt two-factor authentication – particularly given that cloud security and ubiquitous identity for cloud services is still over a year away.
David Braue | 21 Oct | Read more
The cloud computing industry is improving its security story – long based on installing intermediary encryption gateways – but is still more than a year away from having “ubiquity in terms of security controls”, a Symantec security expert has warned.
David Braue | 17 Oct | Read more
Security is big business these days. With our old approach of blocking everyone at the border failing - mainly because no-one knows where the border is anymore - a risk-based approach is driving the way businesses think about their information and systems security.
Anthony Caruana | 22 Oct | Read more
Peter Allor is the Lead Security Strategist in IBM's Critical Infrastructure Group. He works at the forefront of information security, working with researchers to look at events, as they happen, to learn about new techniques that are being adopted by attackers from a protection perspective and how to deal with those in across distributed computing in the cloud. But he is on the board of directors of FIRST - the Forum of Incident Response and Security Teams and ICASI - the Industry Consortium for Advancement of Security on the Internet.
Anthony Caruana | 16 Oct | Read more
Around one million Drupal-based websites are affected by a serious security flaw that could give attackers complete control their site’s database.
Governments hold a unique position in the establishment of new authentication schemes and must therefore take the lead in building out new mobile-based identity platforms to securely enable the delivery of a range of key services to their citizens, the Secure Identity Alliance has argued in a new white paper.
David Braue | 16 Oct | Read more
Microsoft announced its upcoming Australian version of its Azure cloud platform had achieved government security certification. On similar lines, Microsoft also joined other technology providers in promising to protect student privacy, and developed a new way to securely isolate data and applications from the cloud infrastructure they're running on.
David Braue | 14 Oct | Read more
As usual Adobe’s patches for October will fall in line with Microsoft’s this Tuesday, but this month Oracle’s quarterly and enormous list of 155 fixes falls on the same day.
Responding to complaints by the US government over mobile device encryption, Google chairman Eric Schmidt has said the company’s hand was forced by government hacking.