Researchers find 13 new Android adware apps on Google Play
Researchers have found 13 apps on Google Play that foist unwanted advertisements to Android devices, making it the fourth time Google has removed adware from its store in three months.
Security Industry — News
What the private sector could contribute to the data retention debate
It is impossible to discuss the recent debate around data retention in Australia without eventually coming back to information security -- encryption, the secure storage of digital records, and meta data are just some of the topics that are traditionally security issues. However, they are the same issues that have been addressed time and time again in the private sector.
Michael Lee | 18 Mar | Read more
Privileged-account controls crucial as Telstra weighs cost of data-retention security
Telstra is “still working on” calculating the cost of reliably securing the mass of metadata that will be collected under the government's controversial telecommunications data retention legislation, the company's chief information security officer has confirmed.
David Braue | 18 Mar | Read more
Google Play app review process gets a human touch
Google has added humans to its app review process to weed out malware, sexually explicit content and other violations, and has tightened its content rating system.
Security driving cloud conversations as Verizon bolsters ANZ capabilities
Verizon will leverage its local cloud capabilities and a growing portfolio of on-network security services to meet growing cloud demand across key Asia-Pacific geographies, the company's local head has said as the company took the wraps off of the Australian instance of its Verizon Cloud platform this week.
David Braue | 17 Mar | Read more
The week in security: Security skills squeezed as human soft spot persists
The importance of the human element in information security is sometimes lost amongst all the discussion about new technologies, but the usage of insecure email services by former US secretary of state Hilary Clinton has brought the issue into fine focus after it was revealed that her email remained unencrypted and unauthenticated for three months. Indeed, despite years of user education experts continue to warn that the 'human firewall' is continuing to suffer from significant weaknesses.
David Braue | 17 Mar | Read more
Pinterest goes HTTPS, launches bug bounty with cashed-up Bugcrowd
Pinterest, the company that lets users pin the web, has switched on HTTPS for its website and launched a bug bounty with Australian-born crowdsourcing platform Bugcrowd, which has landed $6m in VC funding.
A year on, commissioner “pleased” with Australian Privacy Principles momentum
Privacy commissioner Timothy Pilgrim is “pleased” with the rate at which Australian businesses have embraced the overhauled Privacy Act 1988 in the year since significant changes to the legislation were introduced.
David Braue | 13 Mar | Read more
Companies failing to maintain payment-card protections after PCI DSS certification
The majority of companies handling personal financial details are failing to meet their obligations to adequately protect those details under compliance with Payment Card Industry Data Security Standards (PCI DSS) requirements, a scathing evaluation of ongoing compliance by Verizon has found.
David Braue | 12 Mar | Read more
The human firewall has a soft spot: you
For all the talk about the importance of new security technologies, the importance of staff buying into corporate security strategies is often underestimated. In every case, the predictable result is the same: a strong technological barrier whose effectiveness is immediately compromised once a legitimate user, with legitimate access to internal resources, clicks on a phishing email designed to load malware onto their computer.
David Braue | 12 Mar | Read more
Cold storage market heats up with Google’s new Nearline
Google is teaming up with Symantec and others to enter the ‘cold storage’ market for information that needs to be kept but isn’t accessed frequently.
Apple Watch debut highlights need to manage wearable, IoT security
This week's launch of the Apple Watch has provided a focal point for security vendors who are flooding the market with new capabilities designed to prevent the Internet of Things (IoT) paradigm from becoming a runaway security threat.
David Braue | 12 Mar | Read more
Cisco kills FREAK flaw in its OpenSSL kit
Cisco has flagged a monster security update for dozens of Cisco security products affected by eight OpenSSL flaws, including the FREAK SSL/TLS bug.
The week in security: FREAKing out as bug joins human, nation-state threats
Even as DDoS attacks were outed as the biggest security concern for a range of businesses, the FREAK vulnerability spawned all sorts of puns and had security pundits concerned about the integrity of secure connections between computers and Web sites. CSOs were encouraged to check if they were vulnerable to the bug, while Apple moved quickly to squash it in its latest version of iOS and Microsoft confirmed that Windows is also vulnerable.
David Braue | 11 Mar | Read more
Apple nixes FREAK SSL bug in iOS 8.2, OS X and Apple TV
Apple released a new iOS update that prepares iPhones for the Apple Watch but also fixes serious security bugs, including the recently discovered flaw known as FREAK.
DDoS top security fear as businesses weigh reputational damage risk
Distributed denial of service (DDoS) attacks are the most worrying type of online attack for businesses and reputational damage and unhappy customers are among the most feared outcomes of such an incident, a new customer survey has revealed.
David Braue | 06 Mar | Read more
Stuxnet, Snowden and Sony: Why we've passed the cyber security tipping point
Heavy-handed pressures from tech-unaware legislators, successful strikes by laterally-thinking hackers, a growing tide of dissent about government intervention and corporate concerns about last year's massive hack of Sony Pictures corporate documents have pushed us past the security tipping point into an environment where cyber-attacks will increasingly become favoured tools of nation states and terrorist groups, a leading security journalist has warned.
David Braue | 06 Mar | Read more
Adobe opens bug reporting program, but don't report Flash and don't expect cash
Adobe has joined a bug disclosure program that invites researchers to report new flaws in its web applications. What can hackers expect for their work? Not a cash bounty.
Engineers, not users, to blame for security shortfalls: Cheswick
Systems developers need to stop blaming users for security shortcomings and focus on improving security by rebuilding their systems in a more secure and user-friendly manner, a security expert has argued.
David Braue | 06 Mar | Read more
Financial phishing, infections down but new strains emerging: Symantec
Proactive efforts to stop the rate of financially-targeted Trojans saw a 53 percent decline in infection rates during 2014 but ever-smarter malware is learning to evade new security measures, Symantec has warned after an analysis that found Australia suffered over 114,000 financial phishing attacks last year.
David Braue | 05 Mar | Read more