News

Malicious USB dongle / memory stick / thumb drive with skull icon
A binary map of china.

Volunteers / volunteerism  >  A group of business people raises their hands.

Cyber security volunteers protect Australian healthcare in COVID-19 crisis

Inspired by a UK effort, the Australian cyber security professionals will help healthcare organisations and small charities in Australia and New Zealand.

security vulnerabilities such as hackers and cyberattacks

Suspect a DDoS attack? Double-check before you cry foul

Credibility of digital transformation-minded Australian government in tatters after social-benefits website implodes

threat ransomware response

Attacker reveals some of the data stolen from Henning Harders

The ransomware group Maze published 6.5GB of data revealing information on the distributors’ clients, its employees, and other commercial operations.

Social engineering  >  Laptop user with horns manipulates many social media accounts

Virtual security conferences fill void left by canceled face-to-face events

Notable members of the infosec community are creating impromptu but highly popular virtual events using cheap, off-the-shelf tools.

Insider threats  >  Employees suspiciously peering over cubicle walls

How Australian, NZ firms have pivoted to address cyber security threats

Firms have made cyber security more strategic, but struggle to identify the key actual threats in a changing landscape

cso siem visibility gap in security apps legacy eyes crack breach privacy

TIA Act telecom data privacy implementation under fire

A federal senator critiques the government’s “cavalier disregard” for hard-fought protections in a contentious parliamentary debate.

ransomware hack

Ransomware strikes Aussie freight firm Henning Harders

Meanwhile, ransomware victim Toll Group has nearly completed its recovery from a 31 January attack.

sunit sim holder

NZ suffers unexpected boom in SIM swapping attacks

Australia has moved to make such attacks harder. New Zealand also sees more SMS and phone scams.

Coronavirus (COVID-19)

Coronavirus: What companies are ready for our new reality?

One class of companies is already equipped to work in a fully distributed employee model. Another going to have a difficult time adapting to most employees having to work from home. Some won’t survive if this lasts more than a few...

9 prioritization

New CSO benchmark reveals security priorities

58 large organisations share their security spending, priorities, and other findings to help smaller organisations make better security decisions

CSO  >  ransomware / security threat

Deloitte: 8 things municipal governments can do about ransomware

Deloitte researchers explain why state and local governments are favored for ransomware attacks and how they can protect themselves with limited resources.

interoperable gears / integrated tools / interoperability

Open-source options offer increased SOC tool interoperability

Too many security tools in your SOC, and none of them talk to each other, but new vendor-supported open-source projects might lead to greater interoperability.

Intel CPU  >  security

New CPU attack technique can leak secrets from Intel SGX enclaves

The Load Value Injection attack can bypass security boundaries and mitigations put in place for other CPU vulnerabilities such as Spectre and Meltdown.

Facebook / network connections / privacy / security / breach / wide-eyed fear

Privacy watchdog sues Facebook over Cambridge Analytica scandal

The OAIC claims “serious and/or repeated” interference with over 300,000 Australians whose privacy was affected.

cloud security / data protection / encryption / security transition

Government agencies face big onus after cloud-security decision

Amidst concerns about hack of Defence personnel database, agencies directed to self-assess cloud security

soldiers military

Citrix security flaw took down a Defence Force personnel database

The Defence Force Recruiting Network (DFRN) electronic records system was taken offline for 10 days until it could be patched and judged safe

Intel CPU  >  security

Intel CSME flaw is unpatchable, researchers warn

Researchers reveal that a previously known Intel flaw is unpatchable and could allow attackers to compromise the cryptographic chain of trust in Intel systems.

binary eye circuits

Authentication, identity management start-ups lead 2019 VC investing

Cybersecurity venture investments reached nearly $7 billion in 2019. Authentication and identity management start-ups were the top lures.

Load More