Security » News »

  • Kenneth van Wyk: Why do we keep relearning the same security lessons again and again?

    Don't look now, but we've failed to anticipate our attackers' next moves --- again.

  • New malvertising campaign hit visitors of several high-profile sites

    Some visitors to several high-profile websites last week were redirected to browser exploits that installed malware on their computers because of malicious advertisements on those sites.

  • Dropbox offers 1TB Pro plan for $9.99

    Dropbox is consolidating its three Pro account options into a single plan that's priced at US$9.99 per month and includes 1TB of storage and added controls for document sharing and security.

  • Netflix open sources internal threat monitoring tools

    Netflix has released three internal tools it uses to catch hints on the Web that hackers might target its services.

  • Telstra talks customer phone privacy

    Telstra has moved to re-assure customers that their phone conversations are kept private and would be only accessed if a police warrant was in place for a particular customer.

  • Brandis mum on data retention cost

    Attorney-General George Brandis has reiterated the government's intention to introduce a mandatory data retention regime but failed to answer a query by Greens Senator Scott Ludlam on what the cost of such a scheme is likely to be.

  • How Medibank embraced cloud, overcame shadow IT

    Medibank is allowing staff outside of the IT department to sign up to cloud services such as Amazon Web Services (AWS) to reduce website hosting costs, while at the same time including IT security in the process, according to Medibank enterprise security manager Mark Burns.

  • Cleveland Indians turn to SIEM in malware, botnet battle

    For the Cleveland Indians' IT department, dealing with malware on behalf of hundreds of Windows-using employees at the baseball team's Progressive Field data center operations can be a little bit like a pitcher facing a stacked batting line-up: a constant battle.

  • Tesla recruits hackers to boost vehicle security

    Electric carmaker Tesla Motors wants security researchers to hack its vehicles. In coming months, the Silicon Valley based high-tech carmaker will hire up to 30 full-time hackers whose job will be to find and close vulnerabilities in the sophisticated firmware that controls its cars.

  • Feds issue bulletin warning about malicious 'Google dorking' cyber actors

    If you are good at research by using Google searches, does that make you a malicious cyber actor? Of course not, but DHS, FBI and NCTC (National Counterterrorism Center) have issued a bulletin warning about malicious "Google dorking" cyber actors. If using advanced search techniques on Google or Bing is considered suspicious, what does that make Shodan users who specifically target SCADA, ICS, VoIP, routers, switches, webcams and printers to name but a few?

  • Hackers prey on Russian patriotism to grow the Kelihos botnet

    The cybercriminal gang behind the Kelihos botnet is tricking users into installing malware on their computers by appealing to pro-Russian sentiments stoked by recent international sanctions against the country.

  • Firefox OS to outdo Android on granular application permissions

    Future versions of the Firefox OS mobile platform will allow users to control application-specific permissions, a feature with both privacy and security benefits that's missing on Android.

  • HyTrust, Intel team to lock down VMware virtual machines

    HyTrust, in a partnership with Intel, today said its cloud security software used with VMware-based virtual machines can now ensure those VMs will only run in designated trusted locations based on what's called new "boundary controls."

  • Netcore, Netis routers have hardcoded password, Trend Micro says

    A line of routers from a China-based manufacturer has a serious flaw that could allow a hacker to monitor someone's Internet traffic, according to research from Trend Micro.

  • Some light shed on scope of data retention regime

    Industry peak body, the Communications Alliance, says it is working with the government to “provide greater clarity and precision to a government proposal for a data retention regime”.

  • California passes law mandating smartphone kill switch

    Smartphones sold in California will soon be required to have a kill switch that lets users remotely lock them and wipe them of data in the event they are lost or stolen.

  • iPhones, iPads ripe for the picking

    Attackers could compromise iPads and iPhones on a large scale through the infected computers that make up botnets, researchers say.

  • Report: NSA built 'Google-like' search engine for metadata

    The U.S. National Security Agency built a "Google-like" search engine to give domestic and international government agencies access to details of billions of calls, texts and instant messages sent by millions of people, according to The Intercept.

  • Tokenization is the way to prevent e-commerce security breaches

    This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach

  • Shadow cloud services pose a growing risk to enterprises

    A growing tendency by business units and workgroups to sign up for cloud services without asking their IT organization creates serious risks for enterprises.

CIO
ARN
Techworld
CMO