Social Engineering

News

Pwn2Own – Incentivised Hacking

By Anthony Caruana | 15 March, 2014 22:02

HP's annual Pwn2Own contest has been run and won. Critical flaws in every major browser, which allowed remote code execution, were found as well as issues with Adobe's Flash and Reader products. Pwn2Own is a hacker contest that runs within the CanSecWest event in Vancouver. Hackers are offered cash prizes as incentives as well as donations of computer hardware and other prizes given to the security researchers.

More DDoS attacks will be application based: Gartner

By Hamish Barwick | 25 February, 2013 10:14

Hackers are adapting distributed denial of service (DDoS) attacks and combining these with social engineering tactics to try and infiltrate banks during 2013, warns Gartner.

Oz watchdog eyes whitelisting as “reasonable” privacy measure

By Liam Tung | 07 December, 2012 07:34

Enterprise information security in Australia could come under much greater scrutiny with the nation’s Information Commissioner looking to drill down deeply into the details of an organisation’s security practices after a breach.

Security threats explained: Social engineering

By Hamish Barwick | 20 June, 2012 08:58

In this series, Computerworld Australia examines some of the information security threats facing small businesses and larger enterprises today. We’ve looked at internal negligence and continue the series by speaking to experts about the problem of social engineering.

SaaS, APTs and asymmetric risk take spotlight at Security Threats 2012

By Bernard Golden | 03 February, 2012 09:40

I had the opportunity to speak at a new security conference last week, Security Threats 2012. I presented on the topic of balancing business benefits with risks in the cloud (more on that later), but the event touched on a wide range of pertinent IT topics, provoking stimulating discussions of some of the most pressing challenges business leaders are facing.

CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Deep Security - Enterprise Virtualization Security

Advanced protection for physical, virtual and cloud servers

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.