Tagged With secured

4

IT security is something that organisations can't afford to ignore. With Australia set to introduce mandatory data breach notification laws, the need for local organisations to up their security game is only going to increase. Penetration testers (pen testers) are IT professionals that assume the role of an external or even internal threat to help organisations identify security weaknesses. It's a profession that is in high demand, by employers and job seekers. But what makes a good pen tester? We asked Nuix chief information security officer Chris Pogue.

Predicting the future is near impossible -- but that doesn‘t stop us all from having a red hot go. Human beings have been predicting the future since the beginning of history and the results range from the hilarious to the downright uncanny.

One thing all future predictions have in common: they‘re rooted in our current understanding of how the world works. It‘s difficult to escape that mindset. We have no idea how technology will evolve, so our ideas are connected to the technology of today.

0

Last week, a nasty ransomware called FileCoder was found to be targeting Apple Mac users. It was thought that there was no way to unlock any of encrpyted files since the criminals who made the ransomware didn't seem to be keeping any decryption keys. Luckily, it is possible to unlock files that have been encrypted by FileCoder; the catch is that it's a tricky process.

0

Google's Project Zero security research team has found a vulnerability that could lead to remote code execution in Microsoft's Edge and Internet Explorer browsers. This is the fourth Microsoft bug that Google has disclosed in recent months. Microsoft has yet to properly patch three of the security flaws.

10

CloudFlare, a content delivery network and web security provider used by millions of websites, has admitted that a severe security vulnerability has caused sensitive data to be exposed across a number of different websites. It has been dubbed Cloudbleed and is said to be worse than Heartbleed, a similar bug from 2014. What exactly is Cloudbleed and how could you be affected by it? Let's find out.

0

The SHA-1 cryptographic hash function may be 22 years old but it's still widely used today to validate Git repositories, document and digital certificates. We already know SHA-1 is insecure - security experts have been banging on about theoretical attacks facilitated by the algorithm for years. Now Google researchers have demonstrated a practical collision attack is possible. Here's what you need to know and why you should care.

0

Google introduced its Verify Apps cloud-based service in 2012 that will check every application before installation on an Android device for added security against malware and other nasties. It has been regularly updated with new features. Now Verify Apps can remove an application without confirmation from the user if the service finds that it's purely harmful.