Email Alerts
-
Two 'critical' bulletins planned for April 2013 Patch Tuesday
Microsoft plans to issue nine bulletins for its April 2013 Patch Tuesday release, including two "critical" fixes for Internet Explorer and Windows iterations.News | 04 Apr 2013
-
How to develop cloud applications based on Web app security lessons
Expert Dave Shackleford details how to build cloud applications based on typical Web app security flaws and cloud provider tools and platforms.Tip
-
Enterprise app security tops list for enterprise mobile deployments
Enterprises have yet to roll out mobile versions of most of their applications, a recent survey says. One key factor moving forward is security.News | 18 Feb 2013
-
Monitoring cloud services requires business support, existing tools
Existing security tools and business relationships are often the best methods for monitoring cloud services to spot rogue clouds in the enterprise.Tip
-
How to overcome unique cloud-based patch management challenges
Expert Dave Shackleford discusses how patch management differs in a cloud environment and provides tips for dealing with new patching obstacles.Tip
-
Windows Server 2012 security: Is it time to upgrade?
Expert Michael Cobb wades through the security features of Windows Server 2012 to find out what's new and beneficial in Microsoft's latest release.Tip
-
Pen testers should broaden scope, focus more on people, expert says
Pen testers often focus on system errors and application flaws, but employees are often an enterprise's greatest weakness, explains Chris Nickerson.News | 01 Oct 2012
-
Screencast: Employ the FOCA tool as a metadata extractor
Mike McLaughlin demos the FOCA tool as a metadata extractor to expose the 'hidden' data users often post on their own websites.Video
-
Leveraging Microsoft Azure security features for PaaS security
Organisations can boost PaaS security late in the game by implementing these stopgap measures.Tip
-
With mobile payments, security teams must move quickly
As employees make payments on their mobile devices, the security team must act quickly to ensure corporate assets remain secure.Tip
- VIEW MORE ON : App security
-
Hotmail makes sign-in changes, can't please everyone
The Hotmail sign-in page is in the news this week, with subtle changes to browser auto-complete behaviour to provide wider browser compatibility.News | 03 Aug 2011
-
Top strategies to mitigate targeted cyber intrusions
Claiming that over 70% of successful intrusions could have been prevented by implementing the top 4 recommendations, the Australian Defence Signals Directorate (DSD) has updated its list of strategies to mitigate targeted cyber intrusions.News | 28 Jul 2011
-
Kaspersky Lab announces sponsorship of Manly-Warringah Sea Eagles
Kaspersky Lab is following up the sponsorship of the AFL Melbourne Demons with a additional sponsorship agreement announced today between Kaspersky Lab and the NSW based NRL Manly Sea Eagles.News | 07 Jul 2011
-
Surveys reveal common Malware and Spyware are of most concern
For IT security professionals and executives, it is the common malware and spyware attacks which threaten their organisations most significantly, and not high-profile attacks luke StuxnetNews | 22 Jun 2011
-
Bureau of Statistics seeks secure email
The Australian Bureau of Statistics (ABS) wants to harden its Lotus Domino environment so it can provide “secure transmission of electronic messages and attachments (email) which contain sensitive data and/ or information, between the ABS and external recipients.” Might this year’s census be the reason for the purchase?News | 12 Mar 2011
-
Department of Human Services winds up Verizon secure email service
Australia’s Department of Human Services is seeking a new secure email service.News | 12 Apr 2010
-
Telstra Twitter account hacked by phishing scammers
A Twitter account used by Telstra PR staff has been hacked and was used to spread links to a phishing site.News | 03 Mar 2010
-
Product Review: Trend Micro Worry-Free Business Security 5.0
Our labs team run their eyes over Trend Micro's SMB security suite and find a powerful and easy-to-administer package.Tip
-
"Government" email attack targets Australian domains
Watch out for attachments supposedly sent from government departments, MessageLabs warns.News | 18 May 2008
-
Debate on Inbox snooping to stop terror needs a wider view
Patrick Gray argues that employee email filtering is a dubious anti-terror tactic and debate on the subject needs to reflect a more mature understanding of the true infosec situation.News | 21 Apr 2008
- VIEW MORE ON : Messaging security
-
How to develop cloud applications based on Web app security lessons
Expert Dave Shackleford details how to build cloud applications based on typical Web app security flaws and cloud provider tools and platforms.Tip
-
TLS security: Background on the 'Lucky Thirteen' attack
Professor Kenneth Paterson and graduate student Nadhem AlFardan have discovered a TLS attack that tracks the timing of error messages to reveal plaintext.News | 08 Feb 2013
-
Will TurkTrust incident raise certificate use to Chrome standard?
Enterprises can disrupt cybercriminals and deter future attacks, explained Dmitri Alperovitch, CTO of CrowdStrike Inc. The approach has its critics.News | 08 Jan 2013
-
Microsoft repairs dangerous XML Core Services zero-day flaw
The Microsoft XML Core Services vulnerability is being actively targeted by cybercriminals. In addition, Microsoft issued a critical update to Internet Explorer 9.News | 10 Jul 2012
-
Examining Kindle Fire security, Silk browser security in the enterprise
Do Kindle Fire security issues, combined with weak Silk browser security, make the red-hot consumer device too risky for enterprises? Michael Cobb explains.Tip
-
How to test a firewall: A three-step guide for testing firewalls
There are three steps when testing firewalls for your organisation. Expert Joel Snyder explains how to test a firewall.Tip
-
Using Burp Suite proxy tool to examine client-side requests
The free Burp Suite proxy tool can be used for good or for bad. Expert Rob Shapland provides usage scenarios for both.Tip
-
When Apple iOS HTTPS certificate failures are silent
If you're in any doubt whether last week's iOS update is worthwhile, take heed of this warning.News | 03 Aug 2011
-
Top strategies to mitigate targeted cyber intrusions
Claiming that over 70% of successful intrusions could have been prevented by implementing the top 4 recommendations, the Australian Defence Signals Directorate (DSD) has updated its list of strategies to mitigate targeted cyber intrusions.News | 28 Jul 2011
-
5 cloudy challenges data loss prevention
Cloud services make it easy to move data from the desktop to well outside your enterprise. We look at five of the most-used cloud services that can undermine your data loss prevention tools in this tip.Tip
- VIEW MORE ON : Web security
-
With Windows XP security updates ending, enterprises must plan ahead
With Windows XP security updates ending in 2014, organizations still running the venerable Microsoft OS should start making transition plans.News | 11 Apr 2013
-
Two 'critical' bulletins planned for April 2013 Patch Tuesday
Microsoft plans to issue nine bulletins for its April 2013 Patch Tuesday release, including two "critical" fixes for Internet Explorer and Windows iterations.News | 04 Apr 2013
-
Windows Server 2012 security: Is it time to upgrade?
Expert Michael Cobb wades through the security features of Windows Server 2012 to find out what's new and beneficial in Microsoft's latest release.Tip
-
Internet Explorer vulnerabilities fixed in December 2012 Patch Tuesday
Microsoft released seven security bulletins, addressing flaws in Internet Explorer, Word and Windows kernel-mode drivers.News | 11 Dec 2012
-
Analysis: Windows 8 security features improve on Windows 7 security
Expert Michael Cobb says Windows 8's security features, like Windows Defender and Secure Boot, are a step forward for desktop and BYOD security.Tip
-
Microsoft fixes critical issues in Internet Explorer, Windows Kernel
Microsoft issued six bulletins in November's Patch Tuesday, including fixes in Internet Explorer, Windows Kernel and the .NET Framework.News | 13 Nov 2012
-
Google no longer playing with Android malware
Some say the Android malware problem is out of hand, and it appears Google is taking additional steps to block attacks in its Google Play store.News | 18 Oct 2012
-
Under the Surface: How Windows tablet security meets BYOD challenges
Expert Michael Cobb says the forthcoming Windows tablet security features on Microsoft's Surface could help meet enterprise BYOD challenges.Tip
-
Researcher lauds Windows 8 memory protections
Video: New memory-based protections in Windows 8 make heap-based buffer overflow attacks much more difficult.Video
-
With mobile payments, security teams must move quickly
As employees make payments on their mobile devices, the security team must act quickly to ensure corporate assets remain secure.Tip
- VIEW MORE ON : OS security
-
Monitoring cloud services requires business support, existing tools
Existing security tools and business relationships are often the best methods for monitoring cloud services to spot rogue clouds in the enterprise.Tip
-
How to overcome unique cloud-based patch management challenges
Expert Dave Shackleford discusses how patch management differs in a cloud environment and provides tips for dealing with new patching obstacles.Tip
-
Zenmap tutorial: Mapping networks using Zenmap profiles
Video: In this Zenmap tutorial screencast, Keith Barker of CBT Nuggets explains how to efficiently map networks graphically using Zenmap profiles.Video
-
How to use Wireshark to detect and prevent ARP spoofing
Video: Keith Barker of CBT Nuggets demonstrates how to use Wireshark, the popular open source packet analyzer, to prevent ARP spoofing attacks.Screencast
-
Forrester's GRC framework: Using three lines of defense
Chris McClean of Forrester Research provides a GRC framework. It offers three lines of defense to boost participation rates and define clear roles.Tip
-
Gary McGraw on cloud computing pros and cons for security
Cloud computing can help improve SMB security operations but doesn’t bode well for software security.News | 19 Jun 2012
-
Cloud DLP: Understanding how DLP works in virtual, cloud environments
Applying DLP technology to virtual machines can enable cloud computing with enhanced security and compliance.Tip
-
Gary McGraw: Eliminating badware addresses malware problem
Bad software and malicious software are two different issues that are easily confused, says software security expert Gary McGraw.Opinion
-
PCI virtualisation compliance: Three steps for PCI compliance in the cloud
PCI compliance in the cloud is tough but implementing these strategies can help.Tip
-
IBM QRadar adds X-Force threat intelligence to SIEM system
Big Blue unveils integration of its Q1 Labs acquisition giving IT security pros the ability to add rule-based alerts using threat intelligence feeds.News | 22 Feb 2012
- VIEW MORE ON : Managing vulnerabilities