Machine learning is changing the way systems are being designed and how we process information. That's true in security as well. But can a ML-based approach protect us when dealing with attack vectors and exploits that haven't been seen before? I spoke with Cylance's VP for engineering, Milind Karnik.
Tagged With security
Researchers at malware and security software testing company AV-TEST have discovered 139 samples of malware that "appear to be related to recently reported CPU vulnerabilities." Although most of the samples they discovered seem to be based on proof-of-concept software created by security researchers the number of unique samples is on the rise.
The Federal government is going to spin revelations of the leaked Cabinet papers in lots of ways. But the entire matter comes down to a simple fact. Information security might be backed by technology in many cases. But all the best tech in the world isn't worth a pinch of salt if humans cock things up.
This leak, which will cause great embarrassment in government and opposition ranks, is the fault of people who simply didn't do their jobs.
GitHub is pretty much the biggest game in town when it comes to sharing software development projects. But it can be challenging to ensure projects are saved without accidentally revealing credentials and other secrets. Microsoft has offered some some advice and tools to help protect against accidentally revealing confidential data.
Have you ever walked up to an ATM and wished it would spew out thousands of dollars instead of you panicking if a $20 withdrawal will be rejected? It turns out that with some malware and custom hardware, it's possible to turn an ATM into a poker machine that pays out every time. These attacks are widespread in Asia and Europe but they have hit the US, with the technology now becoming increasingly accessible.
Israeli security firm Checkmarx has found that it's possible to reconstruct someone's Tinder session, including access to photos, by capturing traffic if you're connected to the same Wi-Fi network. The issue affects both the iOS and Android version of the app with a proof-of-concept app, dubbed TinderDrift, created to highlight how the flaw can be used.
A long, long time ago, having a good password was all you needed to make sure your Gmail (or other online) account was secure. Now, if you don't have two-factor authentication, or 2FA, then you're missing out on a really simple way to protect yourself. Why, then, do less than 10 per cent of Gmail users have 2FA enabled? Great question.
Viruses don't want to be removed, so the nastier ones will fight to stay put by disabling protection software, cloaking their presence and even generating fake windows and dialog boxes to give you a bum steer. Looks like malicious extensions are getting in on the action too, doing whatever they can to evade uninstallation.
While lists are available to show you what platforms are affected by Spectre and Meltdown, it'd be nice if you could just run a tool and have it tell you what you're protected against. For Windows users, SpecuCheck is one such option.
After news broke that nearly every processor in your computers and mobile devices was vulnerable to attack thanks to two security flaws -- Meltdown and Spectre -- companies like Microsoft and Google have released patches to shore up the security of their respective operating systems and devices. Apple is now joining the party, releasing a statement about its affected devices and instructing its users to update their devices.
There are a pair of security flaws present in nearly every device you've got that could allow hackers to steal information like passwords and other personal information. The exploits, Spectre and Meltdown, take advantage of actual flaws in the design of your device's microprocessor.
No matter what your console is, you can add passcode, verification methods and two-factor authentication options and do it either through your web browser or on the console itself. Sorry, but you're out of excuses of why you haven't secured your account from people looking to steal your personal information.
That innocent-looking mobile game you just downloaded might just have an ulterior motive. Behind the scenes, hundreds of different apps could be using your smartphone's microphone to figure out what you watch on TV, a new report from The New York Times reveals. Here's what you need to know about these eavesdropping apps and what you can do to stop them.
Wi-Fi startup PoweredLocal is launching a national mesh Wi-Fi network that will merge its 2,100 Wi-Fi access points in venues and retailers across Australia. The aim is to address what the company says are some key pain points with existing public Wi-Fi offerings such as slow data speeds and excessive login screens. Do we need more free Wi-Fi? And it seems that there is a hidden cost with this free service.
A team from the University of Melbourne has been able to take de-identified data of 2.9 million Australians and put it back together to identify who the data pertains to. This has potentially placed the personal data on more than one in ten Aussies in public, with sport stars and other public figures likely to be targeted.
It used to be that tracking a person involved a deep knowledge of nature, a keen eye and maybe a dog or two. Nowadays it doesn't involve more than a bit of code and a few mouse clicks. Here, we'll walk you through all the different ways your information is tracked online and how you can protect your data from prying eyes.
A vulnerability from last century, dubbed ROBOT (Return Of Bleichenbacher’s Oracle Threat) is back and potentially impacts a number of major websites including Facebook and Paypal. ROBOT affects the handling of RSA encryption keys as they are applied to the TLS protocol. If a website uses these keys, it is possible to launch a man-in-the-middle attack by sending dodgy queries to a website which result in the session key being revealed. This allows an attacker to decrypt traffic between the web server and the browser.