Can SDN usher in better IT security?

That software-defined networking (SDN) is a coming reality is starting to gain traction in IT security circles, with some vendors arguing it could lead to a level of interoperability in security largely missing at present.

By Ellen Messmer | 30 August, 2014 01:02

Tags: SDN, Citrix, linux foundation, security, Networking, OpenDaylight, IETF, intel

CryptoWall held over half-a-million computers hostage, encrypted 5 billion files

A file-encrypting ransomware program called CryptoWall infected over 600,000 computer systems in the past six months and held 5 billion files hostage, earning its creators more than US$1 million, researchers found.

By Lucian Constantin | 29 August, 2014 22:24

Tags: Dell SecureWorks, security, encryption, data protection, malware

Telstra finalises joint venture with Telkom Indonesia

Telstra has signed a joint venture agreement with Telkom Indonesia. The joint venture will offer cloud, unified communications, managed network and security services in Indonesia.

By Rohan Pearce | 29 August, 2014 15:40

Tags: cloud computing, Telstra

Hillary Clinton: 'Our technology companies are not part of our government'

Former U.S. Secretary of State Hillary Clinton called for a "global compact" on surveillance and the use of collected data, saying the U.S. isn't the only country that does it and American technology companies are unfairly targeted for the government's actions.

By Stephen Lawson | 29 August, 2014 09:04

Tags: nexenta, Government use of IT, security, government, legislation, hillary clinton, privacy

Los Alamos National Lab's R&D fueling new quantum-crypto firm

Technology development firm Allied Minds says it has set up a new company, Whitewood Encryption Systems, to develop quantum-crypto technology under an R&D licensing arrangement with Los Alamos National Laboratory.

By Ellen Messmer | 29 August, 2014 00:27

Tags: security, encryption

Security council blames breaches on poor PCI standard support

The growing number of data breaches resulting in massive numbers of payment cards being stolen from retail stores and other businesses is occurring because they're failing to keep up with the Payment Card Industry's data security standard, according to the PCI Security Standards Council.

By Ellen Messmer | 28 August, 2014 22:54

Tags: network security, security, data breach, Kno, PCI Security Standards Council

Tuning the security analysts

I have told you about the need to tune our security incident and event monitoring (SIEM) tool. Now we need to tune the analysts who are monitoring the SIEM.

By By Mathias Thurman | 28 August, 2014 22:46

Tags: security, SIEM, IT outsourcing

Mozilla reports user data leak from Bugzilla project

Email addresses and encrypted passwords of around 97,000 users who tested early builds of the Bugzilla bug tracking software were left exposed for three months following a server migration.

By Lucian Constantin | 28 August, 2014 22:38

Tags: security, data breach, Mozilla Foundation, data protection, privacy

FBI, Secret Service studying 'scope' of reported bank cyberattacks

A U.S. Federal Bureau of Investigation spokesman said Wednesday the agency is working with the Secret Service to determine the "scope" of reported cyberattacks against several financial institutions.

By Jeremy Kirk | 28 August, 2014 17:17

Tags: U.S. Federal Bureau of Investigation, JPMorgan Chase, security, U.S. Secret Service

Retailers urged to defend against 'Backoff' point-of-sale malware

A payment card industry security consortium warned retailers on Wednesday of the urgency to secure their systems against "Backoff," a malicious software program that steals card numbers.

By Jeremy Kirk | 28 August, 2014 16:00

Tags: intrusion, security, data breach, data protection, PCI Security Standards Council, malware

AFP apologises for privacy breach

The Australian Federal Police (AFP) has issued an apology after it emerged that metadata related to criminal investigations was accidentally released online.

By Hamish Barwick | 28 August, 2014 14:31

Tags: Timothy Pilgrim, Australian Federal Police, data breach, metadata, OAIC

Section 313: iiNet, industry orgs seek limits on website blocking

Internet service provider iiNet, the Internet Society of Australia (ISOC-AU) and industry bodies the Australian Mobile Telecommunications Association (AMTA) and the Communications Alliance have all called for restrictions on the government agencies that can issue requests for ISPs to block websites.

By Rohan Pearce | 28 August, 2014 13:40

Tags: censorship, civil liberties, section 313, telecommunications act, internet filter

ANZ Banking Group improves incident response with comms tool

Incident response calls at ANZ Banking Group were “chaotic” due to manual processes and the time it took for calls to begin until the bank began to roll out a communications management tool earlier this year.

By Hamish Barwick | 28 August, 2014 13:38

Tags: Incident response, communications, Xmatters, ANZ Banking Group Ltd, CA Expo 2014

Senate extends telecommunications interception inquiry

The Senate has voted to extend the reporting deadline of the inquiry into reform of the Telecommunications (Interception and Access) Act 1979. The inquiry, chaired by Greens Senator Scott Ludlam, had been due to table its final report last night.

By Rohan Pearce | 28 August, 2014 08:40

Tags: civil liberties, surveillance, security, data retention, privacy

Retailers warned to act now to protect against Backoff malware

The Payment Card Industry Security Standards Council on Wednesday issued a bulletin urging retailers to immediately review their security controls to ensure point-of-sale systems are protected against "Backoff," a malware tool that was used in the massive data theft at retailer Target last year.

By Jaikumar Vijayan | 28 August, 2014 06:16

Tags: Target, data security, security, data protection

Vulnerabilities on the decline, but risk assessment is often flawed, study says says

Based on data gathered over the first six months of 2014, security researchers from IBM X-Force predict that the number of publicly reported vulnerabilities will drop to under 8,000 this year, a first since 2011.

By Lucian Constantin | 28 August, 2014 05:03

Tags: patches, Forum for Incident Response and Security Teams, Open Security Foundation, security, IBM, Risk Based Security, patch management, Exploits / vulnerabilities

Kenneth van Wyk: Why do we keep relearning the same security lessons again and again?

Don't look now, but we've failed to anticipate our attackers' next moves --- again.

By By Kenneth van Wyk | 28 August, 2014 03:38

Tags: Target, security, Bull, Access control and authentication, application security

New malvertising campaign hit visitors of several high-profile sites

Some visitors to several high-profile websites last week were redirected to browser exploits that installed malware on their computers because of malicious advertisements on those sites.

By Lucian Constantin | 28 August, 2014 03:22

Tags: online safety, Fox-IT, DeviantART, security, Desktop security, Photobucket, AppNexus, Oracle, malware

Brandis mum on data retention cost

Attorney-General George Brandis has reiterated the government's intention to introduce a mandatory data retention regime but failed to answer a query by Greens Senator Scott Ludlam on what the cost of such a scheme is likely to be.

By Rohan Pearce | 27 August, 2014 15:26

Tags: civil liberties, surveillance, security, data retention, privacy

Netflix open sources internal threat monitoring tools

Netflix has released three internal tools it uses to catch hints on the Web that hackers might target its services.

By Jeremy Kirk | 27 August, 2014 14:29

Tags: security, netflix

Top Whitepapers

Twitter Feed

Featured Whitepapers