Attack Word documents designed to lure victims into opening them were crafted to fetch a PNG image file that contained an exploit for vulnerable versions of Office
With the 2015 completion of its $430m Midland Public and Private Hospitals on the horizon, Perth-based St John of God Health Care is repackaging hundreds of corporate applications and adding location-based intelligence to its device management to maintain consistent security controls over information no matter where its mobile users are located.
Although BYOD security gets the headlines, IT managers find issues like device management, scope management and support just as challenging.
At the recent CSO Australia Mobile Security roundtable, held at AusCERT, 21 guests thrashed out their experiences and concerns.
The Internet Industry Association (IIA) will accept public feedback for the next three weeks after completing its review of the icode – the ISP association’s voluntary code of conduct – with a view to a major update that will address mobile and other evolving security threats.
The hardest part of maintaining a security defence is figuring out the things we don’t know – but by applying monitoring to all network traffic and simplifying accessibility to analytics tools, it’s easier than ever to ferret out new malware and seal perimeters that have been compromised by mobile devices, a Palo Alto Networks analyst has advised.
These days barely a day goes by where there isn’t some sort of network security breach or hack or malfunction of some sort. This year too we had the rise of groups such as Anonymous and Lulz that sought out attention for their activities. Here we take a look at the year in pictures of some of the key security problems that grabbed our attention.
11 tips for protecting your wireless networks
Symantec Vision 2011 Sydney in pictures
Android doesn't rival BlackBerry when it comes to security and enterprise support. But Android devices can still be reasonably secure. Here are some tips to help you protect your investment, privacy and data.
Ponemon Institute asked 745 information-technology and security managers whether USB drives were important for business use, and if they were secure. What did the survey find?
Perhaps it was an omen of what was to come when the city of San Francisco on New Year's Eve 2010 couldn't get a backup system running in its Emergency Operations Center because no one knew the password.
No company wants to be associated with a data breach, but if your systems are compromised the fallout can sometimes be more damaging than the act itself.
More companies are seeing the benefits of allowing their employees to bring personally owned devices into the workplace and onto the corporate network. The familiarity of having your own smartphone for work means that you can work faster and, perhaps cynically from the employer’s perspective, that you are far more likely to work longer.
Six tips to help get the efficient and secure management of mobile devices under control.
Mobility has become a key part of business operations in recent years. Smartphones and tablets have become an accepted part of everyday business as the workforce becomes more and more dispersed, with managers expecting their employees to remain connected and productive while they are away from the office.
The head of security hastily leaves the meeting without excusing herself. Her body language indicates that it is an important call. As she walks back in, all eyes in the room subliminally pose the same question. Without further prompting, the head of security says: “The CEO wants to know why she can’t watch a YouTube video on her iPad. It’s against policy, but we have to make it happen. While we’re at it, she also wants to be able to access her email and calendar on her iPhone”. This actually happened at a large financial institution.
ISPs in Australia have for some time been notifying users about the likelihood that their computers have been compromised by malware. Now under the icode, the system has been formalised. Education and remediation tools are being made available to suspected victims.
Sign up now »
Clearswift SECURE Email Gateway is an effective and resilient email gateway for 50 to 50,000 users.
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.