Security News & Opinions

Australia spared the worst of rise in web attacks: Akamai 
By Juha Saarinen | 2 days ago | Comment Now 
Report paints bleak picture of increasingly hostile internet.
 
Millions of Android phones don't completely wipe data 
By Allie Coyne | 2 days ago | Comment Now 
Flawed factory reset leaves data accessible.
 
Five Eyes spies sought to subvert Google, Samsung app stores 
By Juha Saarinen | 2 days ago | Comment Now 
Attempted to plant malware, spread misinformation.
 
US aims to limit zero-day sales to Five Eyes 
3 days ago | Comment Now 
Would treat unknown software vulnerabilities as weapons.
 
LogJam leaves browsers vulnerable to MiTM attack 
By Doug Drinkwater | 3 days ago | Comment Now 
Tens of thousands of web services affected.
 
Tech giants urge Obama to rule out backdoors 
By Allie Coyne | 4 days ago | Comment Now 
Policy would weaken infosec and undermine human rights.
 
IT workarounds threaten privacy of children in care: Qld Auditor 
 
More Java holes found in Google App Engine 
 
Defanging Venom hypervisor attacks 'easy': researcher 
By Juha Saarinen | 6 days ago | Comment Now 
Single configuration change required.
 
United Airlines offers air miles as bug bounty 
May 15, 2015 | Comment Now 
But don't touch internal, onboard systems.
 
US House votes to end bulk collection of phone data 
May 14, 2015 | Comment Now 
Spy agencies could have powers reined in.
 
Venom vulnerability poisons Xen hypervisor 
By Juha Saarinen | May 14, 2015 | Comment Now 
Virtual floppy disc drive code is exploitable.
 
Microsoft plugs multiple critical flaws in Windows  
By Juha Saarinen | May 13, 2015 | Comment Now 
Don't open .jnt Windows Journal files from untrusted sources.
 
Tor Cloud shut down 
By Juha Saarinen | May 11, 2015 | Comment Now 
Cloud service "still a good idea".
 
Alleged Photobucket hackers arrested in US 
May 11, 2015 | Comment Now 
Accused of selling privacy-bypass tool onto third parties.
 
Security vendor Tencent found cheating in tests 
By Juha Saarinen | May 8, 2015 | Comment Now 
Joins Qihoo 360 to be stripped of awards.
 
US court rules NSA bulk phone metadata collection illegal 
By Jonathan Stempel | May 8, 2015 | Comment Now 
American Civil Liberties Union win case in appeal court.
 
NSW Privacy Commissioner renews call for data offshoring rules 
By Paris Cowan | May 7, 2015 | Comment Now 
Sends information protection wishlist to government.
 
Lenovo users exposed to "massive security risk" 
May 7, 2015 | Comment Now 
Researchers find more serious flaws.
 
NSW Electoral Commission answers iVote critics 
By Paris Cowan | May 6, 2015 | Comment Now 
CIO continues to lobby for e-voting despite hacking threat.
 
New malware strain destroys master boot record to avoid detection 
 
Comms, AFP cyber defences under scrutiny 
By Paris Cowan | May 5, 2015 | Comment Now 
National auditor kicks off new security checks.
 
Critical software bug could down Boeing 787s mid-flight 
By Allie Coyne | May 4, 2015 | Comment Now 
Airline told to reboot every 248 days.
 
Chinese security vendor caught cheating in AV test 
By Juha Saarinen | May 1, 2015 | Comment Now 
Qihoo 360 loses certifications.
 
Google builds Chrome tool to prevent phishing 
Apr 30, 2015 | Comment Now 
Extension aims to defend against attacks.
 
Aussie enterprises targeted in Bartalex spam campaign 
By Juha Saarinen | Apr 29, 2015 | Comment Now 
Office macro downloads malware used in JP Morgan heist.
 
WordPress patches critical XSS vulnerability 
By Juha Saarinen | Apr 28, 2015 | Comment Now 
Commenters could cross-site script.
 
US goes on offensive with new cyber security policy 
By Juha Saarinen | Apr 28, 2015 | Comment Now 
Defensive stance an insufficient deterrent.
 
Code audit finds over 25,000 vulnerable apps in iTunes 
By Juha Saarinen | Apr 27, 2015 | Comment Now 
Bug in SSL library makes eavesdropping easy.
 
Thousands of Australian ecommerce sites vulnerable to 'Shoplift' bug 
By Juha Saarinen | Apr 23, 2015 | Comment Now 
Retailers slow to patch against full-compromise flaw.
 
Wi-fi authentication client bug opens multiple OS to attack 
By Juha Saarinen | Apr 23, 2015 | Comment Now 
Malicious P2P SSIDs could execute code on Linux, Windows, OS X.
 
Microsoft phishing filter blocks legitimate Aussie sites 
By Allie Coyne | Apr 22, 2015 | Comment Now 
Universities, businesses affected.
 
'Massive vulnerability' uncovered in eBay Magento ecommerce system 
By Juha Saarinen | Apr 21, 2015 | Comment Now 
Site owners urged to patch against full-compromise "Shoplift" bug.
 
Australia's infosec industry wants mandatory baseline security controls  
 
Raytheon to acquire Websense for $2.4 billion 
Apr 20, 2015 | Comment Now 
Bolsters infosec business following Blackbird buy.
 
China suspends invasive cyber security rules 
Apr 20, 2015 | Comment Now 
Domestic banks push back against shift to local tech.
 
Target US inks $25m data breach settlement with MasterCard 
Apr 16, 2015 | Comment Now 
Fallout from 2013 attack continues.
 
In-flight wi-fi could be used to hack planes, US watchdog warns 
 
Throwing cash at zero-days won't solve the problem: researchers 
By Allie Coyne | Apr 15, 2015 | Comment Now 
How to tip the balance towards defense.
 
User mistakes aid most cyber attacks 
Apr 14, 2015 | Comment Now 
Verizon, Symantec reports reveal popularity of phishing attacks.
 
Mobile security threat 'overstated': Verizon 
By Ry Crozier | Apr 14, 2015 | Comment Now 
Telco data set shows no cause for alarm.
 
Windows login-stealing flaw discovered to affect all versions 
Apr 14, 2015 | Comment Now 
Security firm reveals 'redirect to SMB' weakness.
 
Interpol, tech companies take down Simda botnet 
By Russell Brown | Apr 14, 2015 | Comment Now 
"Hide and seek" nature of pay-per-install bot made it a hard catch.
 
Apple closes critical system backdoor with OS X update  
By Russell Brown | Apr 13, 2015 | Comment Now 
Older versions left vulnerable.
 
International police bring down Beebone botnet 
 
Hack takes down French TV network 
By Russell Brown | Apr 10, 2015 | Comment Now 
Broadcast, email and social media systems all struck.
 
Telcos lobby Govt to fix 'piecemeal' approach to cyber security 
By Allie Coyne | Apr 9, 2015 | Comment Now 
Want one lead agency, as long as it's not ASIO.
 
US Drug Enforcement's global surveillance outed 
By Russell Brown | Apr 9, 2015 | Comment Now 
Phone spying predated NSA's by nearly a decade.
 
Singtel to buy Trustwave for $1 billion 
Apr 8, 2015 | Comment Now 
Telco giant seeks to be global cybersecurity player.
 
Firefox disables 'opportunistic encryption' to fix HTTPS bypass bug 
By Allie Coyne | Apr 8, 2015 | Comment Now 
Attackers could use fake certificate to get around protections.
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Should Optus make a bid for iiNet?

   |   View results
Yes
  43%
 
No
  57%
TOTAL VOTES: 537

Vote