Malware / Cybercrime News, Features, and Interviews

News

Drupal offers bounty for breaking its new two-factor authentication

By Liam Tung | 28 August, 2014 23:43 | 2 Comments

Developers behind the popular open source content management system, Drupal, want hackers to break its two-factor authentication system for drupal.org before it goes live.

DevOps not a security threat, says AWS panel

By Stephen Withers | 25 August, 2014 12:22

During a security round table at the recent Technology in Government event, some delegates emphasised the need for separation of duties between development and operations staff.

SynoLocker victims who paid but still couldn’t unlock files get a second crack

By Liam Tung | 25 August, 2014 09:26 | 2 Comments

If you paid $350 fee to unlock your files on a SynoLocker trapped storage device but still couldn’t access them, there may be hope thanks to a new tool from Finnish security vendor F-Secure.

Amazon tricks up CloudFront encryption with anti-spy feature

By Liam Tung | 22 August, 2014 12:56

Spies and hackers will find it harder to unseal encrypted communications if they’ve already captured packets sent across Amazon’s content distribution network, CloudFront.

The 10 most terrifying security nightmares revealed at the Black Hat and Def Con hacker conferences

By Brad Chacos | 22 August, 2014 08:12

It's that time of year again: The wonderful, terrifying week when hackers and security gurus descend upon Las Vegas to show off their skills and unleash presentation after presentation full of scary-sounding exploits. This year is no different. Over the previous week, we've heard tales of planes brought down by rogue code, snoops spying on your security cameras, and secretive, undetectable code that can turn any USB drive into an unstoppable malware vessel.

Reviews

The security suite guide 2010

By Frank J. Ohlhorst | 18 August, 2010 08:54

Just a few short years ago, all a PC needed for protection was a basic antivirus program to guard against any malware that arrived via an e-mail attachment, embedded in a shareware application or piggy-backed on a floppy disk.

Slideshows

In pictures: Inside the CSC Sydney cyber security centre

By Hamish Barwick | 03 June, 2014 14:01

CSC opened the doors to its new security operations centre (SOC) in Macquarie Park, Sydney this week. The SOC is one of five that the vendor operates globally as part of a 24/7 strategy to identify cyber threats in real time.

Custom defence in the age of an inevitable breach

By CSO staff | 30 August, 2013 10:06

CSO Trend Micro Workshop

In pictures: PM launches cyber safety program

By Hamish Barwick | 17 January, 2013 09:07

Prime Minister Julia Gillard was on hand in Sydney this week to launch a new cyber education module called bCyberwise. Developed by Life Education and McAfee, the program is designed to teach primary school students about online dangers such as becoming `friends' with strangers and cyber bullying. The program will be rolled out to Australian schools from 4 February.

Rogues gallery: 9 infamous social engineers

By Joan Goodchild | 20 February, 2012 09:10

Social engineers, or "human hackers", have been duping victims from the very beginning of human existence. Here are nine infamous con artists who made history with their scams and schemes.

From Anonymous to Hackerazzi: The year in security mischief-making

By Michael Cooney | 08 December, 2011 09:08

These days barely a day goes by where there isn’t some sort of network security breach or hack or malfunction of some sort. This year too we had the rise of groups such as Anonymous and Lulz that sought out attention for their activities. Here we take a look at the year in pictures of some of the key security problems that grabbed our attention.

Features

2011's biggest security snafus

By Ellen Messmer | 02 December, 2011 06:27

Perhaps it was an omen of what was to come when the city of San Francisco on New Year's Eve 2010 couldn't get a backup system running in its Emergency Operations Center because no one knew the password.

Guide: How to bulletproof your website

By Esther Shein | 29 November, 2011 03:32

'Tis the season to begin ramping up online shopping activity, and for retailers that means doing all they can to ensure their websites are up, highly available and able to handle peak capacity. Looming in many IT managers' minds is the cautionary tale of Target, whose website crashed twice after it was inundated by an unprecedented number of online shoppers when the retailer began selling clothing and accessories from high-end Italian fashion company Missoni.

Security breach

By Matt Rodgers | 22 September, 2011 09:00

No company wants to be associated with a data breach, but if your systems are compromised the fallout can sometimes be more damaging than the act itself.

NEWS FOCUS: Cyber-espionage attacks threaten corporate data in new unrelenting ways

By Ellen Messmer | 08 August, 2011 20:26

Stealthy, sometime long-term cyber-espionage attacks to steal sensitive proprietary information -- what some now call "advanced persistent threats" (APT) -- have become a top worry for businesses.

Penetration Testing

By Malcolm Higgins | 13 July, 2011 12:16

This is a real issue, and not just one for the well publicised attacks on major corporations such as Sony, Lockheed, Google, and Citi. It affects every business and organisation, large and small. More worrying still, it is now widely suggested that hackers and espionage organisations are moving away from directly attacking their target company, choosing instead to route their attack through suppliers to their target. Thus, even small and seemingly innocuous “third party” businesses who would not consider themselves as potential targets are now on the front line of this cyber war.

Opinions

It’s All About the Threat: Five Questions to Ask to Make Sure you Stay Focused

By Ammar Hindi | 27 June, 2014 08:13

Lack of cybersecurity talent coupled with the increasing complexity of threats and networks, a heightened regulatory environment, and an accelerating pace of innovation is driving many organisations to look outside their walls for cybersecurity protection.

Under attack, how banks can fight back

By Geoff Webb | 02 June, 2014 10:50

In March 2013, the Reserve Bank of Australia confirmed that hackers had penetrated its computers but failed to steal sensitive data or corrupt networks, amid growing alarm that sophisticated cyber attacks may leave banks and other organisations unaware they have been compromised.

You already have a secret weapon against cyber crime – want to know what it is?

By Andrew Bycroft | 11 February, 2014 17:01

Many casualties resulted from the many wars that were fought during the last century. A high percentage of those soldiers were engaged in combat because there was no ability to opt out. Most of us would not want to go to war, but unfortunately war has a way of finding us.

What cyber criminals don’t want CISOs to know

By Andrew Bycroft | 11 February, 2014 14:21

Every day there is a story in the news of a security threat causing havoc to even the largest of enterprises. It may be website defacements one day, denial of service the next and credit card data exfiltration the day after.

The business side of cyber security

By Ammar Hindi | 06 December, 2013 11:04

Balancing security priorities with business flexibility and agility is a tough challenge. But it’s a challenge every executive management team faces as it strives to drive business growth, achieve competitive advantage and maximise operational efficiency.

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Sophos Mobile Control

Data protection, policy compliance and device control for mobile devices

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.