The Australian Cyber Security Centre (ACSC) has published advice on how small businesses can better protect themselves from cyber attacks and disruptions during COVID-19. The Head of the ACSC, Ms Abigail Bradshaw CSC, said since early March 2020, there has been a significant increase in COVID-19 themed malicious cyber activity across Australia and small businesses are far from immune. “Small businesses can be big targets for cyber...
Read More
If you use Apple iPhone or MacBook, here we have a piece of alarming news for you. Turns out merely visiting a website — not just malicious but also legitimate sites unknowingly loading malicious ads as well — using Safari browser could have let remote attackers secretly access your device's camera, microphone, or location, and in some cases, saved passwords as well. Apple recently paid a $75,000...
Read More
Mr Karl Hanmore, acting Head Australian Cyber Security Centre, interview with Wendy Harmer and Robbie Buck on ABC Radio Sydney, 27 March 2020 WENDY HARMER: Well, you can go to NSW Health, of course, for all the latest on the coronavirus and don't forget to go to the ABC web page as well. We have heaps of stuff there for you to look at: all the...
Read More
In our previous stories, you might have already read about various campaigns warning how threat actors are capitalising on the ongoing coronavirus pandemic in an attempt to infect your computers and mobile devices with malware or scam you out of your money. Unfortunately, to some extent, it's working, and that's because the attack surface is changing and expanding rapidly as many organisations and business tasks are...
Read More
Cybersecurity needs unconventional hires to help lead the next phase of development and innovation, coupled with salaries that aren't insulting. Think of the hottest high-tech regions and two words likely come to mind: Silicon Valley. There’s no question that the area stretching from San Francisco to San Jose continues to be the undisputed world leader when it comes to technology innovation and development, and of course,...
Read More
A zero-trust, prevention-first approach is necessary to keep us safe, now and going forward. In the TV series Mr. Robot, Elliot Alderson, a gifted cybersecurity engineer by day, moonlights as a vigilante hacktivist for the "fsociety" group, which conspires to topple corporate America by canceling the debt records of every citizen. In this doomsday scenario, cyber anarchists aim to disrupt the financial infrastructure that supports the global...
Read More
A fictitious industrial company with phony employees personas, website, and PLCs sitting on a simulated factory network fooled malicious hackers - and raised alarms for at least one white-hat researcher who stumbled upon it. S4x20 CONFERENCE - Miami - For seven months, researchers at Trend Micro ran a legitimate-looking phony industrial prototyping company with an advanced interactive honeypot network to attract would-be attackers. The goal was to...
Read More
Endpoint detection and response (EDR) is a category of security tools that monitor end-user hardware devices across a network for a range of suspicious activities and behaviour, reacting automatically to block perceived threats and saving forensics data for further investigation. An EDR platform combines deep visibility into everything that's happening on an endpoint device — processes, changes to DLLs and registry settings, file and network activity...
Read More
Facebook today revealed yet another security incident admitting that roughly 100 app developers may have improperly accessed its users' data in certain Facebook groups, including their names and profile pictures. In a blog post published Tuesday, Facebook said the app developers that unauthorizedly access this information were primarily social media management and video streaming apps that let group admins manage their groups more effectively and help...
Read More
Attention readers, if you are using Chrome on your Windows, Mac, and Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. With the release of Chrome 78.0.3904.87, Google is warning billions of users to install an urgent software update immediately to patch two high severity vulnerabilities, one of which attackers are actively exploiting in the wild...
Read More