Open Source Security
News
Google to auto probe Android Market for malware
Google has unveiled Bouncer, its answer to the growing threat of maliciously laced software available on the Android Market.
Cnet de-trojans Nmap, but outrage continues
Tech publisher CNet has removed the controversial proprietary installer it overlaid the penetration testing tool Nmap with, but critics are angry it is still used for "thousands" of other downloads.
WatchGuard launches iOS-friendly security appliance
WatchGuard's latest security appliance, the XTM 330, allows business travelers from small enterprises to use their iPads or iPhones to communicate securely with the office, the vendor said on Tuesday.
Hackers launch millions of Java exploits, says Microsoft
Hackers continue to launch attacks exploiting vulnerabilities in Oracle's Java software in record numbers, Microsoft said Monday.
OpenPGP JavaScript implementation allows webmail encryption
Researchers from German security firm Recurity Labs have released a JavaScript implementation of the OpenPGP specification that allows users to encrypt and decrypt webmail messages.
Reviews
Review : Clearswift SECURE Web Gateway 2.5
We were eager for this box to arrive from Clearswift, this kind of kit gets us excited. We were expecting a hardware appliance to be shipped to us, but when opened the box, all we found was a 1RU Dell Server.
Features
5 open source security projects to watch
Data security is always top of mind for CIOs and CSOs, and there is no shortage of challenges when it comes to picking the right tool for the job. With network and software vulnerabilities growing at a perpetual rate, good security software can help defend against many of the large-scale threats that occur locally and from all over the Internet. In this edition of 5 open source things to watch, we take a look at security products that will guard against threats without robbing your kitty.
Tutorials
Open source FreeOTFE encrypts disks handily
FreeOTFE may sound like a political bumper sticker, but it stands for "Free On The Fly Encryption." The "Free" part is self-explanatory; "On The Fly Encryption" refers to the encrypting/decrypting of data as it is written to or read from your hard disk.
Get exclusive access to CSO, invitation only events, reports & analysis. - 1
Dell targets ANZ security opportunities as SecureWorks debuts locally
- 2
AusCERT 2013: Cloud-based scanner identifies new malware by its ancestry
- 3
AusCERT 2013: Users, cats more likely hack culprits than cyber-espionage: Trustwave
- 4
ACMA database keeps finger on Australia’s malware pulse
- 5
Lethal medical device hack taken to next level
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
Warning: Tips for secure mobile holiday shopping
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.
