The week in security: Early cyber education could stop people from being such easy targets – eventually

Credit: ID 98337660 © Oleg Erin |

Red-teaming is a critical security function but those managing red teams need to be sure they work with the business and don’t just treat it like sanctioned surreptitious hacking, the head of Atlassian’s red team told attendees at the recent CSO-AWSN Women in Security Conference & Awards.

That event was notable for many reasons, but one was the awarding of a Special Recognition award to Tamara Baker, an enthusiastic Year 9 student whose passion for cybersecurity is evident in this video interview with CSO journalist David Braue.

Also on the agenda was the need to turn the network into a giant sensor.

The dastardly BlueKeep exploit – which Microsoft and government cybersecurity agencies have been warning about for months – is now in the public domain after Metasploit released a module that will let developers directly exploit the vulnerability. Expect bad things to follow.

Not that most cybercriminals even need to work that hard: with business email compromise now responsible for over $US26b ($A38b) in losses, according to the FBI, fraudsters seem to be able to get good results simply through old-fashioned deception.

Indeed, scammers have been particularly busy, with Telstra reporting that it blocked 2.9m scam calls in a single month but that they just keep coming.

The biggest part of the problem, according to an updated Proofpoint report, is that people simply aren’t very good at ignoring scammers and cybercriminal schemes. Very Attacked People, we are warned, are doing cybercriminals’ jobs for them.

The need for better anti-fraud policies may become increasingly urgent as government bodies pivot on cybersecurity and push through policies enabling more consumer-focused conversations.

Meanwhile, Google was fixing a host of Chrome security flaws.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

More about AtlassianCSOFBIGoogleMicrosoftProofpoint

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by David Braue

Latest Videos

More videos

Blog Posts