Security

6

There are few feelings worse than having the sanctity of your home violated by thieves. It's not just the loss of valuable possessions, but that a stranger has completely violated your personal space. This is what happened to someone I know yesterday. But what might sound like a run-of-the-mill break-and-enter was far smarter and will have lasting implications for those involved.

0

If someone showed you a group photo containing your boyfriend or girlfriend, you could probably spot them without much trouble. But what if the photo was from ten years ago? Or what if their face was partially obscured? What if it contained thousands of people? That's when you might need artificial intelligence to help you out.

Chinese tech firm Yitu has perfected its facial recognition AI to such a degree that it can now identify faces faster than humans - even when they are intimately familiar with the face in question. Welcome to the next creepy stage of video surveillance.

0

By now, you'll have heard about the breach at Equifax, leading to the leaking for PII relating to about 143 million people in the US, Canada and the UK. While it's unlikely many Australians were directly affected, the nature of the breach highlights why mandatory data breach notification laws are important, that notification periods are critical and you need to ensure you're ready to communicate with anyone whose data your store.

2

Back in June, ProtonVPN announced that it was open for business. The service, developed by MIT and CERN, promises to route all traffic through privacy-friendly countries such as Iceland and Switzerland that aren't likely to hand data over to anyone else. On paper, it looked like a great option for those who looking for a secure VPN option, developed by reputable people. However, the service was so popular that it crashed. New users were put on a waiting list while the developers bolstered their infrastructure. That wait list has now been opened with the free service open to everyone.

Shared from Gizmodo

0

Big fans of the cloud as we are, there's no doubt relying solely on keeping your stuff stored remotely is a risky strategy. Accounts get hacked. Companies fold. And if you don't have backups of your most precious Snapchats and Gmails, then they can disappear in a puff of data center smoke. Here's how to make sure you've got local copies of everything.

7

Famed author Terry Pratchett may have shuffled off this mortal coil a couple of years ago but he can still grab a headline. Last week, in keeping with his wishes, a hard drive containing his unfinished work was destroyed. But in true Pratchett fashion, rather than settling for the mundane and sterile world of using software to destroy the data, Pratchett's wish to have his hard drive run over by a steamroller was honoured. But was that the best way to destroy the data?

0

The United States Congress recently voted to repeal a set of regulations preventing Internet Service Providers (ISP) from selling your browsing info to third parties without your permission, setting an ominous tone for the future of net neutrality worldwide. That's why VPNs have surged in popularity as one of the last lines of defense for private browsing. While there are plenty of providers to choose from, few can match what Private Internet Access brings to the table.

3

Over the weekend, yet another list of potentially vulnerable IoT devices was made public. It was viewed by over 20,000 people before Pastebin removed the list of devices that responded to Telnet sessions that were secured either with default credentials such as admin/admin or not secured with any authentication at all. Which begs the question, why do some people continually shoot themselves in the foot when it comes to securing these devices?

0

Google has added a new firewall feature to their cloud offering. Currently in beta, the App Engine firewall, which is in beta, lets developers specify a set of rules, order them by priority and specify an IP address or a set of IP addresses. These are used to block or allow access to an application.

0

It stands to reason that Microsoft would be a big target for threat actors. Aside from the obvious hacker cred someone could gain from stealing source code or releasing corporate secrets, Azure hosts thousands of businesses and a compromise of that platform would be catastrophic for many companies. The most recently released Microsoft Security Intelligence Report points to an increasingly dangerous online world.

2

The Black Hat and DEFCON events bring together the black, white and grey hat communities to share information about what's really what when it comes to information security. Thycotic surveyed attendees at this year's Black Hat conference to find out what works and doesn't work when it comes to protecting data.

0

Security threats aren't all the same. Although there are some widespread security events like the recent WannaCry and NotPetya outbreaks, some industry verticals are hit in more in more targeted ways. Mike Brown is RSA's vice president and general manager for the public sector. I spoke with him at the recent RSA Conference in Singapore about the threat landscape for the public sector.

2

A hacker, going by the Twitter handle @xerub, claims to have broken part of the security around Apple's Secure Enclave. The hacker has published a decryption key that weakens (but doesn't totally compromise) a core part of Apple's security model for iOS devices.

0

Ransomware attacks are an everyday occurrence. Whenever I speak to people at security events, almost every single company has been hit in some way. Some only find out about it when users call the internal help desk because they're "curious" about Bitcoin but others are hit far harder.