Australia’s Internet space shows the same distribution of vulnerable IP ports as the rest of the world and a dangerous preponderance of insecure Universal Plug ‘n’ Play (UPnP) devices, Metasploit Project founder HD Moore has warned while recounting the surprising results of his efforts to catalogue the results of communicating with every IP address on the Internet.
HP's Colin Henderson believes the security industry needs to become more adept at understanding the role of big data in security analysis, to try and stay ahead of an increasingly sophisticated and collaborative “black hat” world.
Mobile devices are getting hit by a boom in malware similar to the one that hit PCs starting with the rise of the Web, a security software executive said Tuesday.
The annual AusCERT conference began on the Gold Coast with an invasion by some friendly storm troopers. Delegates heard insights from Google, the Department of Environment and Queensland Police Service. The conference continues until Friday.
Blue Coat Systems, a provider of Web traffic filtering and business assurance products and services, plans to buy security analytics specialist Solera Networks, which uses data mining techniques to classify network traffic and detect potential security threats.
An IT security skills crunch may be hitting many established security providers and security-conscious companies, but new entrant Dell SecureWorks is confident it can thrive as it today throws its white hat into the ANZ security-services ring.
According to the latest report from Frost & Sullivan, the United Arab Emirates (UAE) is showing a greater demand for cloud security solutions, as cloud uptake across the region continues to increase.
In 1971, John Draper used a whistle, found in a cereal box, to reproduce a 2,600 Hz tone able to allow phreaks to make free calls -- wire fraud was born. This was a man acting on no other motive than personal gain, but how the game has changed. Just last year, oil giant Saudi Aramco suffered a very serious and very public cyber attack, which floored 30,000 machines. This was a very sophisticated and organised act of cybercrime.
A new variant of the Citadel financial malware is targeting users of the Payza online payment platform by launching local in-browser attacks to steal their credentials, according to researchers from security firm Trusteer.
Google has urged security professionals to help Australians stay safe on the National Broadband Network (NBN).
A survey of U.S. utilities shows many are facing frequent cyberattacks that could threaten a highly interdependent power grid supplying more than 300 million people, according to a congressional report.
Chinese cyber marauders sought more than just information on activists -- they wanted access to FBI, DOJ investigations on spies in the U.S.
If you have any expectations about the privacy of your Skype communications, you may want to reassess them.
Security researchers found serious vulnerabilities in the engines of several popular first-person shooter video games that could allow attackers to compromise their online servers and the computers of players accessing them.
The Pentagon's decision to grant Apple the security clearance required for iOS 6 devices to go head-to-head with BlackBerry 10 and certain Samsung Galaxy S4 devices on secure military networks could have with a cascading effect that spills over into the private sector.
Strongbox preserves anonymity at the price of authenticty
Australian ISPs and universities are sending more than 10,000 emails a day to warn customers their systems appear to be infected by malware – but as few as one in five is ever read by its recipient, statistics from the Australian Communications and Media Authority’s (ACMA’s) Australian Internet Security Initiative (AISI) show.
Bit9 has teamed with FireEye and Palo Alto Networks, which each have sandboxing technologies, in order to share information related to zero-day attack code.
New cyberespionage attack by People's Liberation Army prompts calls for action such as sanctions, but experts are mixed on best response
For the last three months or so, the U.S. government and some of its defense contractors have engaged in a war of shame on China to pressure it to cool its cyber-attacks on U.S. targets. The campaign appeared to be yielding results, but it seems that Chinese hackers were only catching their breath.
Sign up now »
Get powerful mobile security capabilities, and protect the data the various mobile devices inside your organization.
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.