Stories by Lucian Constantin

LibreOffice 3.5.5 addresses multiple arbitrary code execution vulnerabilities

Version 3.5.5 of the LibreOffice free personal productivity suite contains fixes for multiple security vulnerabilities that could be exploited to execute arbitrary code with the privileges of the active user, according to The Document Foundation -- the organization overseeing the software's development.

Hackers reveal critical vulnerabilities in Huawei routers at Defcon

Security researchers disclosed critical vulnerabilities in routers from Chinese networking and telecommunications equipment manufacturer Huawei at the Defcon hackers conference on Sunday.

Persistent router botnets on the horizon, researcher says at Defcon

Security researcher Michael Coppola demonstrated how small and home office (SOHO) routers can be compromised and turned into botnet clients by updating them with backdoored versions of vendor-supplied firmware.

Researcher creates proof-of-concept malware that infects BIOS, network cards

Security researcher Jonathan Brossard created a proof-of-concept hardware backdoor called Rakshasa that replaces a computer's BIOS (Basic Input Output System) and can compromise the operating system at boot time without leaving traces on the hard drive.

Tools released at Defcon can crack widely used PPTP encryption in under a day

Security researchers released two tools at the Defcon security conference that can be used to crack the encryption of any PPTP (Point-to-Point Tunneling Protocol) and WPA2-Enterprise (Wireless Protected Access) sessions that use MS-CHAPv2 for authentication.

NSA chief asks hackers at Defcon for help securing cyberspace

National Security Agency Director General Keith B. Alexander addressed the attendees of the Defcon hacker conference in Las Vegas on Friday and asked for their help to secure cyberspace.

Researcher wins $200,000 prize from Microsoft for new exploit mitigation technology

Security researcher and Columbia University PhD student Vasilis Pappas was announced the winner of the Microsoft BlueHat Prize contest for an exploit mitigation technology called "kBouncer" which is designed to detect and prevent return-oriented programming (ROP), a popular vulnerability exploitation technique.

Flame's Windows Update hack wins Pwnie Award for epic ownage at Black Hat

The judging panel of the Pwnie Awards, which are handed out every year at the Black Hat security conference for achievements and failures in IT security, has recognized the Windows Update hack used by the Flame cyberespionage malware as the most impressive compromise of the past 12 months.

Vulnerabilities in payment terminals demonstrated at Black Hat

Three widely deployed payment terminals have vulnerabilities that could allow attackers to steal credit card data and PIN numbers, according to a pair of security researchers from penetration testing firm MWR InfoSecurity in the U.K.

Tool released at Black Hat contains 150 ways to bypass Web application firewalls

A tool for testing if Web application firewalls (WAFs) are vulnerable to around 150 protocol-level evasion techniques was released at the Black Hat USA 2010 security conference on Wednesday.

Java vulnerabilities increasingly targeted by attackers, researchers say

Java vulnerabilities are increasingly exploited by attackers to infect computers, and the problem could become worse if Oracle doesn't do more to secure the product and keep its installation base up to date, according to security researchers who will talk about Java-based attacks at the Black Hat USA 2012 security conference.

Mobile and Web security will be major topics at Black Hat

Security researchers are expected to disclose new vulnerabilities in near field communication (NFC), mobile baseband firmware, HTML5 and Web application firewalls next week at the Black Hat USA 2012 security conference.

Cybercriminals no longer control the third largest spam botnet, researchers say

Cybercriminals no longer control one of the world's largest spam botnets, Grum, because all of the servers the botnet relied on for receiving commands were shut down, according to researchers from security firm FireEye.

Firefox 14 contains vulnerability patches, security-related features

Version 14 of the Mozilla Firefox browser, released Tuesday, offers several new security-related features as well as patches for numerous vulnerabilities.

Mahdi cyberespionage malware infects computers in Iran, Israel, other Middle Eastern countries

A piece of malware called Mahdi or Madi has been used to spy on hundreds of targets from Iran, Israel and a few other Middle Eastern countries during the past eight months, according to researchers from security vendors Seculert and Kaspersky Lab.
