Cloud syncing of data is one of those things we've come to rely on. But we also trust cloud services to protect our data. And that extends to deletions. ElcomSoft has proven that it is possible to retrieve deleted notes after the 30-day window that Apple has set for getting notes back.
Tagged With security
With WannaCry garnering a lot of attention over the last few days, it's easy to forget that the root cause of the damage it wreaked is still out there. The vulnerability it exploited was a weakness in Windows' file-sharing protocol. And while the threat of WannCry has been largely contained, if the vulnerability, dubbed EternalBlue by the NSA, remains unpatched, it can be exploited by others. And that's something being identified in the wild.
The government is looking "very closely" at invoking a ban on passengers carrying laptops on international flights for certain legs. Prime Minister Turnbull told ABC News "We are taking into account all of the information and advice we're receiving internationally and we're working very closely with our partners. In due course, any announcements will be made formally though the Transport Minister."
Microsoft's President and Chief Legal Officer, Brad Smith, says this week's WannaCry attack "provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem". And while Smith says Microsoft and other tech companies need to take the lead on combatting these widespread attacks, he highlights the shared responsibility required to protect, detect and respond to threats.
By now, you'll know all about WannaCry - a ransomware attack that ran rampant late last week and over the weekend. While ransomware attacks suck - they can cost a lot to recover from whether you measure that in ransoms or time lost in recovery - the worrying thing about WannaCry was the attitude of many organisations when it comes to updates and patching.
If you've been holding out on updating your SourceTree client, now might be the time to reconsider, with a "critical" vulnerability found in older versions of the program. Both Mac and Windows flavours are affected.
Last September, a bunch of major websites were rendered 404 when the Mirai botnet surfaced. By attacking hundreds of thousands of unsecured IoT devices Mirai was able to attack DNS provider Dyn resulting in hundreds of online services dropping like flies. Persirai borrows some code from Mirai but "improves" upon it.
New research released today by Telsyte says the IoT market is set to soar with more than 300 million connected devices in Australian homes by 2021. That's more than ten devices for every man, woman and child - and excludes commercial devices and applications. While managing and securing those devices will be a massive challenge, keeping them connected and remotely accessible will also see our telcos scrambling as they seek to further embed themselves in our lives
It's been a rough week in Mac security. First, Checkpoint warned users of a Trojan spreading in Europe that was the first of its kind. And now, one of the most prominent video transcoding apps for Mac has a malware problem.
Unsecured web browsers are a key vector used by malware distributors and threat actors. So, it's unsurprising that browser developers are constantly looking for ways to protect users. If you're a member of Microsoft’s Enterprise business service and are in the Fast Ring test group then you'll get access to Windows Defender Application Guard. This is a sandbox that keeps the browser window isolated from the rest of your computer's resources.
AMT, or Active Management Technology, is an Intel technology, that combines hardware and firmware used for maintaining and updating systems. Last week, Intel issued a security advisory for their server-based products that said AMT could be exploited and give unauthorised parties access to a number of processor features. Analysis at SSH Communications Security says this is a very serious issue and that owners of affected systems should disable AMT. Consumer systems are not affected.
You've spotted an app, site, or service you like the look of, it's completely free to use, and so you're ready to sign up — but how can you tell the service is above-board and legit? That you're not going to be subject to nefarious dark pattern tactics or see you or your teens sensitive data shared with advertisers. Before joining a service that seems to good to be true take the steps below. Common sense and a little digging can usually save you from the shadiest apps.
It's Star Wars Day. And that means celebrating the fall of the Empire and the Rebel's victory, short-lived as it might have been, of the Alliance. But while we often focus on the Jedi's use of the Light Side and the military tactics of the Rebels, we forget that their strategic and tactical victories came because of their skills as master hackers. And if you've not seen any of the Star Wars movies, spoilers follow!
Check Point's malware research team has detected a new strain of malware. OSX/Dok (or OSX.Dok) affects all versions of OSX and is signed with a valid developer certificate authenticated by Apple (which has been revoked since the malware's discovery). It is the first major scale malware to target OSX users via a coordinated email phishing campaign.
Ever since Bill Gates launched the Trustworthy Computing strategy at Microsoft, the software company has done a good job at addressing security issues in a timely manner. Regular patching, complemented by out-of-cycle releases when critical issues are detected and resolved are now commonplace. So when news broke that it took Microsoft nine months to fix a serous flaw, it was something of a surprise to me.
Lenovo has issued a security advisory notifying customers that the initialisation tool shipped on a USB stick for the Lenovo V3500, V3700 and V5000 Gen 1 storage systems manufactured by IBM comes a file that has been infected with malicious code.