Stories by David Braue

The week in security: Old malware continues onslaught as new devices found vulnerable

By David Braue | 20 August, 2014 16:37

A broad study of equipment firmware found poor security practices are rife, with weaknesses presenting new opportunities for hackers to exploit the emerging 'Internet of Things'. Seemingly confirming their fears, a hacking contest found 15 new router vulnerabilities while others warned that the emergence of the 'Heartbleed' OpenSSL bug this year highlighted more severe underlying issues in hardware design.

Customers welcome C-suite advocate, CipherCloud chief trust officer reports

By David Braue | 20 August, 2014 16:34

Working as a chief trust officer has given Bob West a new perspective on the conversations security companies are having with customers – and his experience so far has convinced him that a growing number of companies are going to find value in appointing board-level executives to act as data-security liaisons between customers and the executive.

Smart city control networks being architected more securely than SCADA

By David Braue | 20 August, 2014 16:31

Advocates of heavily instrumented 'smart city' infrastructure are acutely aware of the legacy left by insecure SCADA control systems and are instrumenting modern industrial-control networks with a higher degree of security, according to smart-cities architect Silver Spring Networks.

Digital signatures make peak season less taxing for H&R Block

By David Braue | 19 August, 2014 23:17

Tax-preparation firm H&R Block has used a digital signature-based solution to streamline the process of bringing on additional tax specialists to help it through its busiest season – the third calendar quarter of the year, when the company will process more than 750,000 tax returns.

Scorpion two-factor authentication buy feeds exploding Australian cloud demand: Kaseya

By David Braue | 14 August, 2014 09:42

Fully 60 per cent of new Australian business by IT-management company Kaseya has come from cloud-related business, the company's local head has revealed as it announced the acquisition of Canadian identity and access management (IAM) vendor Scorpion Software.

Japan's banking malware surge pushes Australia out of top 10

By David Braue | 13 August, 2014 08:44

Australians may be getting smarter about banking scams after new figures from Trend Micro saw the country fall out of list of the top 10 countries most affected by banking malware.

The week in security: Ransomware hits the NAS as hackers set records

By David Braue | 13 August, 2014 08:35

Vendors would have been holding their collective breaths as the Black Hat conference rolled into town and researchers lined up to share their newest vulnerabilities. Some researchers were ready to name the most hackable cars, while others were talking about how to bypass PayPal's two-factor authentication and others were sharing information on how to steal security codes from home alarm systems.

Malware attacks sneak under the radar for Asia-Pacific companies

By David Braue | 08 August, 2014 11:47

Malicious hackers are regularly exploiting lesser-known vulnerabilities while organisations focus on the threats posed by high-profile “boldface” vulnerabilities, Cisco Systems has warned as it releases a 2014 Midyear Security Report (MSR) that shows Asia-Pacific companies are far more likely to encounter malware than colleagues in other geographies.

Nation-E cyber-security centre fosters IT-operational security collaboration

By David Braue | 07 August, 2014 20:38

Australian utilities are being encouraged to get involved in a new centre of excellence (CoE) launched to improve long-ignored infrastructure security by improving collaboration between information technology and operational technology leaders.

Checkmarx code security game aims to reinforce developer security

By David Braue | 05 August, 2014 23:57

Security firms may be trying all sorts of ways to improve developers' security skills, but Israeli application-security firm Checkmarx has taken a different approach with a crowdsourced online game that challenges developers to identify the security flaws in actual samples of code.

The week in security: Mobiles exposed as skills deficit hobbles security intelligence

By David Braue | 04 August, 2014 20:25

Businesses are accumulating data faster than they can accumulate people to analyse it, one consultant has pointed out as data-intensive security proves both more promising and more problematic than ever.

Life-tracking devices fail privacy, security tests: Symantec

By David Braue | 01 August, 2014 16:17

Developers of life-tracking devices are failing to build adequate security protections into their designs and potentially leaking private location and health data as a result, a Symantec study of the emerging 'quantified self' market has revealed.

World Cup fans embrace in-match WiFi, but in-stadium services a security target

By David Braue | 01 August, 2014 16:13

Usage statistics confirm that sports fans love connecting to public WiFi services for use during sports matches, with the large numbers of users and masses of data being transferred during World Cup matches confirming the need not to be tricked into connecting into a rogue access point at the event.

Utilities ignorant of IT security despite pounding by hackers: Ponemon

By David Braue | 30 July, 2014 14:58 | 2 Comments

Security pundits have warned of the imminent hacking threat to critical infrastructure providers, but a new Ponemon Institute survey of infrastructure operators suggests the threat is already here.

Next-gen firewalls protect crews in concert at Melbourne and Olympic Parks

By David Braue | 30 July, 2014 14:42

A furiously busy event schedule and an expanding range of facilities keeps the IT team at Melbourne and Olympic Parks (MOP) occupied – not only delivering discrete network services to visiting production crews for acts like Queen and Adam Lambert, but also providing the security infrastructure to ensure that those customers can connect both safely and reliably.

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Sophos Mobile Control

Data protection, policy compliance and device control for mobile devices

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.