Tagged With security

1

Cloud syncing of data is one of those things we've come to rely on. But we also trust cloud services to protect our data. And that extends to deletions. ElcomSoft has proven that it is possible to retrieve deleted notes after the 30-day window that Apple has set for getting notes back.

2

With WannaCry garnering a lot of attention over the last few days, it's easy to forget that the root cause of the damage it wreaked is still out there. The vulnerability it exploited was a weakness in Windows' file-sharing protocol. And while the threat of WannCry has been largely contained, if the vulnerability, dubbed EternalBlue by the NSA, remains unpatched, it can be exploited by others. And that's something being identified in the wild.

0

Google I/O is the search and advertising giant's annual shindig for developers. This year, you could tick a few items off your buzzword bingo cards as they made a number of big announcements about mobile, security, AI - even Gmail received some love. Here are a few of the key announcements.

8

The government is looking "very closely" at invoking a ban on passengers carrying laptops on international flights for certain legs. Prime Minister Turnbull told ABC News "We are taking into account all of the information and advice we're receiving internationally and we're working very closely with our partners. In due course, any announcements will be made formally though the Transport Minister."

0

Browser cookies are one of those technical bits of the internet that almost everyone has some awareness of. They're also probably one of the most misunderstood aspects of browsing. Today we're here to clear up the confusion.

0

Microsoft's President and Chief Legal Officer, Brad Smith, says this week's WannaCry attack "provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem". And while Smith says Microsoft and other tech companies need to take the lead on combatting these widespread attacks, he highlights the shared responsibility required to protect, detect and respond to threats.

0

By now, you'll know all about WannaCry - a ransomware attack that ran rampant late last week and over the weekend. While ransomware attacks suck - they can cost a lot to recover from whether you measure that in ransoms or time lost in recovery - the worrying thing about WannaCry was the attitude of many organisations when it comes to updates and patching.

0

Last September, a bunch of major websites were rendered 404 when the Mirai botnet surfaced. By attacking hundreds of thousands of unsecured IoT devices Mirai was able to attack DNS provider Dyn resulting in hundreds of online services dropping like flies. Persirai borrows some code from Mirai but "improves" upon it.

1

New research released today by Telsyte says the IoT market is set to soar with more than 300 million connected devices in Australian homes by 2021. That's more than ten devices for every man, woman and child - and excludes commercial devices and applications. While managing and securing those devices will be a massive challenge, keeping them connected and remotely accessible will also see our telcos scrambling as they seek to further embed themselves in our lives

0

Unsecured web browsers are a key vector used by malware distributors and threat actors. So, it's unsurprising that browser developers are constantly looking for ways to protect users. If you're a member of Microsoft’s Enterprise business service and are in the Fast Ring test group then you'll get access to Windows Defender Application Guard. This is a sandbox that keeps the browser window isolated from the rest of your computer's resources.

0

AMT, or Active Management Technology, is an Intel technology, that combines hardware and firmware used for maintaining and updating systems. Last week, Intel issued a security advisory for their server-based products that said AMT could be exploited and give unauthorised parties access to a number of processor features. Analysis at SSH Communications Security says this is a very serious issue and that owners of affected systems should disable AMT. Consumer systems are not affected.

Shared from Gizmodo

0

You've spotted an app, site, or service you like the look of, it's completely free to use, and so you're ready to sign up — but how can you tell the service is above-board and legit? That you're not going to be subject to nefarious dark pattern tactics or see you or your teens sensitive data shared with advertisers. Before joining a service that seems to good to be true take the steps below. Common sense and a little digging can usually save you from the shadiest apps.

0

It's Star Wars Day. And that means celebrating the fall of the Empire and the Rebel's victory, short-lived as it might have been, of the Alliance. But while we often focus on the Jedi's use of the Light Side and the military tactics of the Rebels, we forget that their strategic and tactical victories came because of their skills as master hackers. And if you've not seen any of the Star Wars movies, spoilers follow!

0

Check Point's malware research team has detected a new strain of malware. OSX/Dok (or OSX.Dok) affects all versions of OSX and is signed with a valid developer certificate authenticated by Apple (which has been revoked since the malware's discovery). It is the first major scale malware to target OSX users via a coordinated email phishing campaign.

3

Ever since Bill Gates launched the Trustworthy Computing strategy at Microsoft, the software company has done a good job at addressing security issues in a timely manner. Regular patching, complemented by out-of-cycle releases when critical issues are detected and resolved are now commonplace. So when news broke that it took Microsoft nine months to fix a serous flaw, it was something of a surprise to me.