Wireless Security
News
Near field communication – the security risks
Near field communication (NFC) is a type of contactless, wireless technology used for sending information or making payments. By embedding an NFC chip inside a smartphone, a company can create a virtual wallet where users store credit card information and can pay at a store simply by waving their smartphone over a credit card reader.
ChapCrack tunnel exploit prompts Microsoft configuration warning
Microsoft has advised customers using its MS-CHAP v2 authentication protocol for Point-to-Point Tunnelling Protocol (PPTP) VPNs to implement additional protections nearly a month after researchers released an exploit tool to quickly crack credentials handled in the process.
Siri open to anyone even when iPhone 4S locked
The default settings for Apple’s new iPhone 4S personal assistant Siri allows anyone to give it commands when it’s password-locked.
Android, the simmering security shemozzle
Even apart from the serious security flaw in HTC Sense and malware that talks to an encrypted blog, to name just two recent issues, a consensus seems to be emerging. Android has serious security problems.
New Android malware texts premium-rate numbers
Researchers at Russian security company Kaspersky Lab say they've discovered the first malicious software program to target Google's Android mobile operating system.
Features
The Latest BlackBerry Spyware Scare: Don't Worry, Yet
Here we go again. Another BlackBerry security scare, in which some "noble" researcher explains to all of us blissfully-unaware BlackBerry users that our precious devices aren't nearly as safe as we think they are.
Simple Steps to Hack a Smartphone
What kind of information do you have on your business card? Company name? Check. Your name and title? Check. Business address? Check. Mobile work phone number? Wait a minute.
Cellcrypt for BlackBerry Secures Cellular Voice Conversation
The BlackBerry platform is known for its impressive security safeguards; Research In Motion's (RIM) BlackBerry Enterprise Server (BES) is literally designed from the ground up to meet enterprise security needs, and its various international security certifications attest to its effectiveness. However, there's one component of the BlackBerry ecosystem that's largely unguarded from potential threats: phone calls, i.e., voice traffic.
Want to manage your wired/wireless LANS together? Too bad
For the past few years, organizations have gone full-force in deploying a combination of wired and wireless enterprise networks. But now, as wireless technology matures, they are left asking: Where are the tools to unify management of these disparate networks?
Two wireless LANs better than one, Carnegie Mellon says
Carnegie Mellon University has launched a massive upgrade of its campus-wide wireless LAN and chosen two WLAN vendors to supply the 802.11n infrastructure for it.
Opinions
Addressing the security risks of BYO device
The head of security hastily leaves the meeting without excusing herself. Her body language indicates that it is an important call. As she walks back in, all eyes in the room subliminally pose the same question. Without further prompting, the head of security says: “The CEO wants to know why she can’t watch a YouTube video on her iPad. It’s against policy, but we have to make it happen. While we’re at it, she also wants to be able to access her email and calendar on her iPhone”. This actually happened at a large financial institution.
iPhones, iPads in the enterprise: 5 security views
When it comes to mobile devices, IT security practitioners prefer employees use a BlackBerry because it's easier to control the data users share on them than, say, an Android or iPhone. But as consumer-based devices like the Apple brands get more sophisticated with each release, it's getting harder to keep them out of the workplace. Proliferation of the iPad has only heightened enterprise hunger.
Mobile Security: Why I still want my iPad, iPhone
Everything I've learned about mobile security tells me it's bad to use the consumer-based technology for work. That's where all the bad stuff comes from. That includes devices like the iPhone and iPad.
Smart Phone Attacks: Here and Now
When security vendors used to pitch articles on smart phone malware, my blood ran cold.
Get exclusive access to CSO, invitation only events, reports & analysis. - 1
Bank trojan targets users of Bitcoin exchange Mt Gox
- 2
Australian Information Security Association issues blunt warning as National Cyber Security Awareness Week begins
- 3
ACMA database keeps finger on Australia’s malware pulse
- 4
Review: Mobile Device Management
- 5
The week in security: Aussie banks targeted as mobiles drive privacy fears
- FTTest Analyst (MS Environment) .netNSW
- FTSenior Python DeveloperNSW
- FTR&D EngineerSA
- FT.NET - Sitecore Developer - Melbourne - PermNSW
- FTQuality ManagerSA
- FTFlash / ActionScript Developer - ContractNSW
- FTOS Web Applications DeveloperNSW
- FTTest EngineerVIC
- FTJob Title: Mac Systems/ Enterprise Systems EngineerNZ
- FTTest Analyst (MS Environment) .netNSW
- FTLead Software EngineerSA
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
Warning: Tips for secure mobile holiday shopping
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.
