Because most security flaws are introduced into enterprise applications during the development process, companies must take proactive steps to build internal security communities and run ‘bug bounty’ programs to convince sympathetic hackers to pick up on bugs before malicious hackers do, the head of security on Australia Post’s high-profile Digital Mailbox effort has advised.
Analysts were warning about the potential for machine-to-machine (M2M) network connections to expose dangerous new opportunities for hackers.
The number of malicious URLs may have increased by 600 per cent during 2012 but growing diversity in the nature and method of Web attacks has seen China fall down the leader boards as a source of malware attacks, research from security firm Websense has found.
Recent attacks on the New York Times and Wall Street Journal Web sites have proved nothing if not that information security efforts are still falling short, <a href=”http://www.cso.com.au/article/452679/chinese_attacks_show_up_useless_infosec_again/”>some have argued</a>.
Remote-access vendor LogMeIn is playing on its security credentials as it targets small businesses with Cubby, a cloud and local file-syncing tool that is, in the words of its Australian head, designed to "out-Dropbox Dropbox".
Google is facing legal action in the UK over the way it undermines the Safari Web browser's privacy settings – somewhat ironic given the magnitude of its $US3.14159m prize for hacking its Chrome OS.
The Labor government’s <a href=”http://www.cso.com.au/article/451494/pm_commits_1_46_billion_improving_cyber_security_networks/”>$1.46b commitment</a> to boosting cybersecurity efforts was a significant investment in an area where the ‘good guys’ have often seemed hopelessly outgunned.
If you've ever wondered why cybercrims go to so much trouble to conduct their nefarious business, new statistics should clarify things a bit: in the EU alone, new Europol figures suggest, organised crime groups are making around €1.5 billion ($2b) per year from payment card fraud.
Are your BYOD-embracing employees decommissioning their old mobile devices to ensure they can't still access your corporate networks?
There was quite a lot of kerfuffle around the did-they-or-didn't-they in relation to the alleged capture of McAfee founder John McAfee, with reports suggesting he was still free even after a blog entry said he was caught trying to leave Belize.
The latest addition, which adds certification to the UK government's CAPS (CESG Assisted Products Service) to existing certifications to the US FIPS 140 2 Level 3 and Australia's Common Criteria EAL4+, will help Senetas expand the export opportunities for its Layer 2 network encryption tool and could eventually pave the way for acceptance by more of the 28 NATO member states.
Australia has some of the world's safest web sites – but the world's highest rate of attacks against Android mobile devices, according to figures in a new report on malware activity during 2012.
Financial-industry managed services provider TAS Managed Services (TAS) is targeting full PCI compliance by 2013 and will offer its own clients a broader portfolio of security-auditing services after stitching up a long-term relationship with security consultancy Pure Hacking.
The year 2012 has been named ‘the year of the data breach’ after a string of high-profile hacks and the unintentional release of government-held information.
Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.
Cybersecurity Insights - Attack
No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?
Cybersecurity Insights - People
Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.