• Why we need digital security forensic analysis

    Basic common sense tells us you can’t fix what you don’t know is broken. Knowing the “who”, “what”, “why”, “when” and “where” is paramount, when you think about processes that are capable to generate information and, more importantly, are able to learn and act upon the accumulated knowledge.

  • Human element of security to the fore at IRISSCON 2015

    The most neglected part of security is the human factor – and yet it’s also the most vulnerable. Several of the speakers at the recently held IRISSCON cyber crime conference riffed on this recurring theme throughout the day–long event. “Social engineering a human is more effective than getting malware onto a computer,” said Bob McArdle, manager of Trend Micro’s forward looking threat team.

  • Production freeze: Prevent, detect, correct

    As we enter the Christmas shopping season, many retail organisations go into a “production freeze” where they halt updates and configuration changes in their payment and order fulfillment systems to limit the risk of interruption and slowdowns to mission critical systems. IT teams and security folks are scrambling to test and lock in configurations, verify controls, and plead to their respective deities that systems perform exactly as intended during the shopping rush.

  • Four ways an attacker can infiltrate an organization by diverting security solutions

    Employing one of the many security solutions on the market today does not mean your organization is immune to infiltration - that much is clear from the constant string of hacks making headlines.

    Recognize that even the best products cannot offer 100% protection from malicious threat actors who want access and penetrate into your system.

  • Five big technology predictions into 2016

    Audrey William, Head of ICT Research, Australia & New Zealand, at Frost & Sullivan, discusses how security will be the biggest issue in the ICT industry driven by rapid adoption of Cloud, Mobility and the Internet of Things.

  • The current wave of data protection regulations and how it will affect the infosec industry

    In 2016, the EU is set to review the next draft of The Network and Information Security (NIS) ‘cybersecurity’ directive which will bring new compliance requirements into place, not just for EU companies but all companies who deal with EU consumer data. This is echoed in the UK, where the government has rated cyber security as a tier 1 threat, and is currently debating a new draft of the “Investigatory Powers Bill”.

  • Understanding a new security market: User behavior analytics

    We know that tracking enterprise log data to discover suspicious activity from hackers or malicious insider threats is not a new idea. Five to 10 years ago, we saw the SIEM (security information and event management) industry spike in popularity. The idea that large enterprises could systematically analyze countless security alerts in real time meant that security operations center (SOC) teams could do their jobs better.

  • Point of Sale malware gaining momentum as holiday shopping season approaches

    Point of sale (POS) systems – what consumers often call the checkout system - are often the weak link in the chain and the choice of malware. They should be isolated from other networks, but often are connected. A checkout terminal in constant use is usually less frequently patched and updated, and is thus vulnerable to all manner of malware compromising the system to gain access to cardholder data.

  • Information security innovation and the fast-paced threat landscape

    Gary Warner recently became the Chief Threat Scientist at PhishMe. In this interview he talks about how his past positions prepared him for this new job title, information security innovation, the greatest challenges that we face in the current threat landscape, and more.

  • Five hacks that will affect your life in 2016

    Cyber attackers have an abundance of opportunities to steal or modify data and disrupt business services. And their playground grows bigger and more diverse every day as the world becomes increasingly more digital.

    Going into 2016, I expect to see a number of new attack targets in the headlines, drawing everyone’s attention to the lack of privacy and security in our interconnected world. And while data breaches are common news today, below are the top five hacks that are likely to affect your life in a variety of ways in 2016.

Videos      Podcasts


VPN protocol flaw allows attackers to discover users' true IP address

The team running the Perfect Privacy VPN service has discovered a serious vulnerability that affects all VPN providers that offer port forwarding, and which can be exploited to reveal the real IP address of users.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Tue, Dec 1st