-
Vulnerability database hack highlights need to bolster cybersecurity
National Vulnerability Database break-in comes as President Obama presses for stronger cybersecurity this week with corporate leaders
-
Cloud forensics: In a lawsuit, can your cloud provider get key evidence you need?
Any business that anticipates using cloud-based services should be asking the question: What can my cloud provider do for me in terms of providing digital forensics data in the event of any legal dispute, civil or criminal case, cyberattack or data breach?
-
Windows XP and Firefox browser amass worst vulnerability record over past 25 years
In a look at the number of vulnerabilities recorded over 25 years in software products and open source, a researcher at Sourcefire has determined that Microsoft Windows XP and the Mozilla Firefox browser stand out as the two with the largest number of high-severity vulnerabilities.
-
Contest aims to boost state of password encryption
Passwords are the most widely used security mechanism on the Web, so beefing up hashing algorithms, utilized to protect them, is important
-
Symantec SSL certificates feature cryptography 10k times harder to break than RSA-bit key
Symantec today began offering multi-algorithm SSL certificates for Web servers that go beyond traditional crypto to include what's known as the Elliptic Curve Cryptography (ECC) Digital Signature Algorithm (DSA), which the firm says will be 10,000 times harder to break than an RSA-bit key. Certificates are used to prove site identity to the visitor through a validation check that involves the user's browser and the site certificate, and Symantec is making the argument that authentication will happen faster using this particular ECC algorithm.
Get exclusive access to CSO, invitation only events, reports & analysis. - 1
Bank trojan targets users of Bitcoin exchange Mt Gox
- 2
Australian Information Security Association issues blunt warning as National Cyber Security Awareness Week begins
- 3
Review: Mobile Device Management
- 4
ACMA database keeps finger on Australia’s malware pulse
- 5
The week in security: Aussie banks targeted as mobiles drive privacy fears
- FTLead Software EngineerSA
- FTTest Analyst (MS Environment) .netNSW
- FTOS Web Applications DeveloperNSW
- FTFlash / ActionScript Developer - ContractNSW
- FTTest EngineerVIC
- FTTest Analyst (MS Environment) .netNSW
- FT.NET - Sitecore Developer - Melbourne - PermNSW
- FTJob Title: Mac Systems/ Enterprise Systems EngineerNZ
- FTSenior Python DeveloperNSW
- FTR&D EngineerSA
- FTQuality ManagerSA
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
Warning: Tips for secure mobile holiday shopping
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.
