Tagged With secured

4

IT security is something that organisations can't afford to ignore. With Australia set to introduce mandatory data breach notification laws, the need for local organisations to up their security game is only going to increase. Penetration testers (pen testers) are IT professionals that assume the role of an external or even internal threat to help organisations identify security weaknesses. It's a profession that is in high demand, by employers and job seekers. But what makes a good pen tester? We asked Nuix chief information security officer Chris Pogue.

0

Last week, a nasty ransomware called FileCoder was found to be targeting Apple Mac users. It was thought that there was no way to unlock any of encrpyted files since the criminals who made the ransomware didn't seem to be keeping any decryption keys. Luckily, it is possible to unlock files that have been encrypted by FileCoder; the catch is that it's a tricky process.

0

Google's Project Zero security research team has found a vulnerability that could lead to remote code execution in Microsoft's Edge and Internet Explorer browsers. This is the fourth Microsoft bug that Google has disclosed in recent months. Microsoft has yet to properly patch three of the security flaws.

10

CloudFlare, a content delivery network and web security provider used by millions of websites, has admitted that a severe security vulnerability has caused sensitive data to be exposed across a number of different websites. It has been dubbed Cloudbleed and is said to be worse than Heartbleed, a similar bug from 2014. What exactly is Cloudbleed and how could you be affected by it? Let's find out.

0

The SHA-1 cryptographic hash function may be 22 years old but it's still widely used today to validate Git repositories, document and digital certificates. We already know SHA-1 is insecure - security experts have been banging on about theoretical attacks facilitated by the algorithm for years. Now Google researchers have demonstrated a practical collision attack is possible. Here's what you need to know and why you should care.

0

Google introduced its Verify Apps cloud-based service in 2012 that will check every application before installation on an Android device for added security against malware and other nasties. It has been regularly updated with new features. Now Verify Apps can remove an application without confirmation from the user if the service finds that it's purely harmful.