Earn up to $15k for hacking Microsoft’s Office Insider previews
Microsoft wants hackers to focus on malicious attachments and macros.
Social Networking Security — News
The week in security: Hackers plunder online databases as Trump nominee flags security boost
The inauguration of Donald Trump as US president led some to wonder whether a DDoS attack on Whitehouse.gov can be considered as a legitimate protest like any other. There was also buzz as outgoing president Obama’s pardon of secret leaker Chelsea Manning led to [an offer by Julian Assange to face extradition to the US.
David Braue | 23 Jan | Read more
10 things to help you identify intruder threats faster
The security threats posed by external and internal intruders cannot be overstated, and will become even more significant as compliance and operational requirements continue to tighten.
David Braue | 18 Jan | Read more
Google drops “Android for Work” because plain Android is so secure
Google is confident that security and privacy features built into Android make it mature enough to warrant shedding the name Android for Work for enterprise features.
Google Chrome will block thousands of sites using SHA-1 certs from January 2017
Beginning January Google will start using full page warnings in Chrome when the browser encounters sites using TLS/SSL or digital certificates signed with the aging SHA-1 hashing algorithm.
Ashton Kutcher, the battle between convenience and security: Intel Security Focus 16
Ashton Kutcher is best known as an actor and producer, but he is also a successful tech investor having taken stakes in companies such as Airbnb, Foursquare, Meerkat, Spotify and Uber.
Stephen Withers | 08 Nov | Read more
Blockchain, IOT pose risk and security headaches if privileged accounts aren’t controlled
Blockchain distributed-ledger technology is opening up new frontiers for financial services and other companies, but security specialists are pushing for early action on both blockchain and related account-management technologies to avoid the punishing security breaches being seen due to Internet of Things (IoT) shortcomings.
David Braue | 25 Oct | Read more
IoT, health and other data creates massive value
With about five billion IoT devices connected today, with growth expected to reach 25 to 38 billion over the next five years it's clear something needs to be done to arrest the threat of billions of devices being recruited for nefarious purposes.
Anthony Caruana | 25 Oct | Read more
DNC hackers worked with at least six zero-day exploits
Hackers behind the US Democratic National Committee (DNC) breach and several other profile cyberattacks had at least six zero-day exploits on hand and a custom-made exploit kit.
Police arrest man suspected of LinkedIn’s 2012 mega breach
A Russian citizen arrested by Czech police on Wednesday is a key suspect behind a breach at LinkedIn that affected 117 million accounts.
EFF: Google’s Allo Incognito mode endangers users
End-to-end encryption in messaging apps is meant to protect users’ privacy, but the way Google did it in its new Allo app may perversely endanger private communications, according to Electronic Frontiers Foundation.
OpenSSL: last week’s minor bug patch introduced a critical flaw
The OpenSSL cryptographic library is widely used to protect communications between web servers and clients, such as browsers and apps, on the internet. Few consumers knowingly use the software, but it is important enough for Google’s July ban on Android apps in Google Play that used outdated versions of OpenSSL.
Protecting your reputation following a data breach
Data breaches are inevitable and waiting for a breach to occur before designing an incident response plan is a recipe for failure. It’s a question of when the breach will occur and how you will respond, not if you will be breached. 100% prevention simply doesn’t exist, so having a plan to deal with a security breach is now more important than ever. You probably already have an incident response plan from a technical perspective. Phrases such as preparation, identification, containment, eradication and lessons learned.
Wayne Tufek | 15 Sep | Read more
With network perimeters porous, virtualise app components to regain control
Microsegmentation controls interactions between network, app components in ways firewalls can't
David Braue | 19 Aug | Read more
Scareware trojan infects 2.8 million Android devices
If you’re seeing scary ads claiming your Android phone is infected with malware, you might have installed a legitimate looking app that contains dodgy ad-serving software.
Twitter suspends accounts that lured ISIS supporters to install spyware
Twitter has suspended at least two accounts that were spreading links to spyware aimed at people who sympathise with terrorists.
NIST: SMS two-factor is dead! If you're a US agency
Any service provider to the US government that relies on SMS for two-factor authentication may need to swap the method for something with fewer design weaknesses.
Why hackers love health apps
Hackers love health apps because their popularity has outpaced the industry's ability to safeguard them. Technology experts discussed the privacy and security risks at a House hearing July 14 with the Energy and Commerce subcommittee.
Xuanyan Ouyang | 27 Jul | Read more
Vic to bring child protection laws into the digital age
Victoria’s government has moved to update its child protection laws to keep pace with new technology, particularly social media settings.
Andrew Colley | 08 Jun | Read more
Facebook Messenger flaw revealed
A new Facebook Messenger vulnerability has been detected that makes it possible for an attacker to modify or remove any sent message including rich content such as photos, files, and links.
Anthony Caruana | 08 Jun | Read more