Security News & Opinions

Mac OS X root privileges 0day under active exploit 
By Allie Coyne | 2 hours ago | Comment Now 
Disclosure without reporting to Apple bites innocent users.
 
Researchers develop quantum-computing safe crypto 
By Juha Saarinen | 6 hours ago | Comment Now 
Practical implementation of secure key exchange for TLS.
 
Australia takes part in Interpol's first 'dark web' training program 
 
Windows 10 upgraders targeted in ransomware scam 
By Allie Coyne | 1 day 2 hours ago | Comment Now 
Users warned not to click on attachments in phishing emails.
 
Critical BIND bug could crash large portions of the internet 
 
Silent Circle offers Android for Work-ready Blackphone 
By Juha Saarinen | 4 days ago | Comment Now 
Blackphone 2 signed-up for device partitioning.
 
FBI understaffed to fight cyber attack: DOJ 
5 days ago | Comment Now 
Low pay slows recruitment drive.
 
New Android bug renders device silent, unresponsive 
By Allie Coyne | 6 days ago | Comment Now 
Denial-of-service flaw affects more than half of all current users.
 
US to rewrite controversial zero-day export policy 
6 days ago | Comment Now 
Chorus of complaints has an effect.
 
Critical vulnerability found in Apple App Store, iTunes 
By Allie Coyne | Jul 29, 2015 | Comment Now 
Device name in invoices can be swapped with malicious code.
 
Aussie cyber centre warns of growing threat in first report 
By Allie Coyne | Jul 29, 2015 | Comment Now 
But ACSC reveals no major national attack yet.
 
Android bug leaves a billion phones open to attack 
By Juha Saarinen, Allie Coyne | Jul 28, 2015 | Comment Now 
Hackers only need phone number to target devices.
 
Former top US security officials oppose encryption backdoors 
By Juha Saarinen | Jul 28, 2015 | Comment Now 
Bad idea, ex-Homeland Security and NSA bosses say.
 
US Treasury's intelligence network vulnerable to hack 
Jul 27, 2015 | Comment Now 
Audit finds connected devices not meeting infosec standards.
 
Labor wants customer consent for offshore data storage 
By Paris Cowan | Jul 27, 2015 | Comment Now 
Jurisdictions could be banned from hosting Aussie data.
 
Officeworks spooked into infosec overhaul by Target breach 
By Andrew Sadauskas | Jul 24, 2015 | Comment Now 
Takes key lessons from 2013 attack.
 
What to expect from Abbott's national cyber security strategy 
By Andrew Sadauskas | Jul 24, 2015 | Comment Now 
Key policy architect reveals focus of new document.
 
Google patches 43 vulnerabilities in Chrome browser 
 
Infosec experts hack Jeep, gain control of moving car 
Jul 22, 2015 | Comment Now 
Highlight concerns about driver safety in internet-connected vehicles.
 
MongoDB admins accidentally expose 600TB of data 
By Allie Coyne | Jul 21, 2015 | Comment Now 
Old versions contain security hole.
 
ACSC issues AusPost, AFP ransomware warning 
By Paris Cowan | Jul 21, 2015 | Comment Now 
"Significant campaign" puts cyber crime centre on the front foot.
 
Hacking Team breach could have been an inside job 
Jul 21, 2015 | Comment Now 
Former staff under investigation.
 
Google joins chorus against infosec export controls proposal 
By Juha Saarinen | Jul 21, 2015 | Comment Now 
Information sharing on security issues must be allowed.
 
Critical out-of-band patch issued for Windows zero-day 
By Juha Saarinen | Jul 21, 2015 | Comment Now 
Discovered in Hacking Team document leak.
 
Skype users plagued by ongoing bogus messages 
By Juha Saarinen | Jul 20, 2015 | Comment Now 
Advised to change passwords on Skype, linked Microsoft accounts.
 
United Airlines awards millions of points as bug bounty 
 
Infosec firms oppose 'misguided' exploit export controls 
By Juha Saarinen | Jul 16, 2015 | Comment Now 
Claim new rules will put the world at greater risk.
 
Police shut down 'Darkode' hacking forum 
Jul 16, 2015 | Comment Now 
International law enforcement arrests 28.
 
Microsoft's mega Patch Tuesday marks end of Windows Server 2003 support  
 
Oracle pushes massive critical patch update for July 
By Juha Saarinen | Jul 15, 2015 | Comment Now 
Pawn Storm zero day hole plugged.
 
NSA releases Linux-based open source infosec tool  
By Allie Coyne | Jul 14, 2015 | Comment Now 
Aims to avoid duplication of effort for govt agencies.
 
Hacking Team vows to continue with new spyware 
By Juha Saarinen | Jul 14, 2015 | Comment Now 
Claims not all source code was leaked.
 
Experts protest Aussie law banning crypto export 
By Juha Saarinen | Jul 13, 2015 | Comment Now 
Defence Trade Controls Act threatens to "criminalise" cryptology.
 
OPM boss resigns over security breach  
Jul 13, 2015 | Comment Now 
Second, related intrusion picked up.
 
DDoS attack downs iiNet services 
By Juha Saarinen | Jul 13, 2015 | Comment Now 
Lengthy weekend outage.
 
US govt CIO orders 30-day 'cyber sprints' in wake of hack 
Jul 12, 2015 | Comment Now 
Results to expose weakest-link agencies.
 
More Aussie agencies wanted Hacking Team's spyware 
By Allie Coyne, Juha Saarinen | Jul 10, 2015 | Comment Now 
ASIO, IBAC, state police contacted hacked spyware merchant.
 
Xen patches admin privilege escalation vulnerability 
By Juha Saarinen | Jul 10, 2015 | Comment Now 
Allows admins with limited privileges to take full control.
 
Millions of US citizens' personal data taken in OPM hack 
Jul 10, 2015 | Comment Now 
Stolen data includes social security details.
 
'High severity' flaw discovered in OpenSSL 
By Juha Saarinen | Jul 10, 2015 | Comment Now 
Certificate bypass check possible.
 
Morpho hackers hit Apple, Microsoft for corporate data 
By Allie Coyne | Jul 9, 2015 | Comment Now 
Cyber gang stealing sensitive info from big business.
 
Crypto experts slam govt encryption backdoor demands 
By Juha Saarinen | Jul 8, 2015 | Comment Now 
Revisiting a bad idea considered an even worse idea.
 
Adobe to patch leaked Hacking Team Flash 0day 
By Allie Coyne | Jul 8, 2015 | Comment Now 
Flaw being exploited in the wild.
 
Hacking Team tells clients to stop using its spyware 
By Allie Coyne | Jul 7, 2015 | Comment Now 
Government spy ops could be exposed.
 
Government exploit vendor hacked, client data exposed 
By Allie Coyne | Jul 6, 2015 | Comment Now 
Update: Australian agencies potentially compromised.
 
Researcher withholds exploit details over export control concerns 
By Juha Saarinen | Jul 6, 2015 | Comment Now 
Cites confusion created by Wassenaar Arrangement provisions.
 
AISA names first-ever CEO 
By Andrew Sadauskas | Jul 3, 2015 | Comment Now 
“Increasing cyber skills and awareness” a key priority.
 
Australian Army tests out drones for surveillance 
By Allie Coyne | Jul 3, 2015 | Comment Now 
Wasp, Black Hornet join Shadow.
 
 'Zombie' network protocols become DDoS threats 
By Juha Saarinen | Jul 3, 2015 | Comment Now 
Attackers won't let RIPv1 rest in peace.
 
Former US agent admits to stealing bitcoins during Silk Road probe 
Jul 2, 2015 | Comment Now 
Lied to employer about receiving payments.
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Should law enforcement be able to buy and use exploits?



   |   View results
Yes
  14%
 
No
  51%
 
Only in special circumstances
  18%
 
Yes, but with more transparency
  18%
TOTAL VOTES: 832

Vote