Articles about auscert

Quiet cryptologist Bill Duane's war with Beijing's best

AusCERT In March 2011, a suspected-to-be-Beijing-backed hacking unit infiltrated security giant RSA, successfully subverted its SecurID product and hacked top American defence contractor Lockheed Martin. That attack left Bill Duane stressed and exhausted. Duane is a quiet cryptologist who co-developed the SecurID token. As the …
Darren Pauli, 27 May 2016

Victims stranded as ID thieves raid Aussie driver licences

AusCERT One in five Australian identity theft victims reporting to government-backed crime monitor ID Care have had driver's licences stolen, according to Dr David Lacey of national ID theft support service ID Care. ID Care was founded in 2014 with a budget of AUD$800,000 (£515,402, US$575,452) and receives cybercrime victim …
Darren Pauli, 27 May 2016

The six stages of post-security incident grief avoidance

AusCERT Audio Security and forensics man Ashley Deuble has outlined the six stages of good incident response that, if followed, could bring an enterprise in line with Fortune 50 best practice. The Griffith University security manager says the steps of preparation, identification, containment, eradication, recovery, and lessons learned are …
Darren Pauli, 26 May 2016

MITRE fighter says CVE delays are no laughing matter, names bug ROFL in branding protest

AusCERT Security man David Jorm has started giving important bugs names, logos and even websites, because MITRE won't assign them Common Vulnerabilities and Exposures (CVE) numbers. CVE numbers are the tags assigned to bugs and are designed to help the security industry ensure that they're all fixing the same problem. Jorm, of Console …
Darren Pauli, 25 May 2016

Kaspersky says air-gap industrial systems: why not baby monitors, too?

I wasn't at AusCERT this year, but watching the Tweet-stream and chatting to fellow Vulture Darren Pauli kept me clued-in, and I was interested to hear that Eugene Kaspersky thinks air-gaps are a good way to protect SCADA systems. Because you won't convince the industrial sector to reverse the cost savings it got from …

New Firefox, Chrome SRI script whip to foil man-in-the-middle diddle

Scripting will in the next few months become safer with Mozilla and Google adopting a validation mechanism to protect against man-in-the-middle attacks. The Subresource Integrity (SRI) check is being developed by boffins at Google, Mozilla, and Dropbox under the World Wide Web Consortium. The specification means the integrity …
Darren Pauli, 4 Jun 2015

AusCERT chief Ingram steps down

Graham Ingram, the head of Australia's first Computer Emergency Response Team (AusCERT), has stepped down after 12 years in the role. Ingram joined the University of Queensland's AusCERT in 1993 and was on Friday replaced by the university's current incident response chief Thomas King. The incoming director said he wanted to …
Darren Pauli, 28 Jul 2014

How exec snatched $6m budget from his infosec team because he couldn't see ROI

AusCERT The Australian Information and Security Association (AISA) is testing the security chops of 150 executives on Australian boards in an effort that may prove information security is only a "top priority" after a breach. It will take most of the year for the association to phone the executives in some of the nation's biggest …
Darren Pauli, 15 May 2014

Latest IE flaw being actively exploited

AusCERT April's Internet Explorer flaw is being exploited, with at least two listed Australian entities targeted by a sophisticated foreign hacking outfit. The organisations were targeted in a campaign that foisted the Internet Explorer exploits (MS14-021) at high-end corporations three days after the dangerous flaws were exposed. …
Darren Pauli, 15 May 2014

Microsoft bug hunters kicked 0day own goal

AusCERT A team of Microsoft researchers had kicked an own goal by alerting a third party to a zero day vulnerability that they were unaware also affected Redmond. The gaffe in the early days of the Microsoft Vulnerability Research (MSVR) team didn't result in Redmond getting owned, but prompted the creation of a rule in the department …
Darren Pauli, 15 May 2014

Forget the word 'cyberwar' says Marcus Ranum

Security veteran and CSO at Tenable Marcus Ranum has made a plea for the world to stop using the expression “cyberwar”, for the very good reason that there's nearly no way in which it resembles war in the physical world. “How can you call something a domain of warfare when the most important properties of warfare cannot …

Media, industry and cops baffled as Qld Police return hack’s iPad

A leading Australian computer law and privacy researcher says Queensland Police’s “daft” decision to confiscate a journalist’s iPad last week could be a blessing in disguise. Visiting Professor at the University of NSW's Cyberspace Law & Policy Centre Roger Clarke said: “On the surface of it, the plods who did the arresting …

Aussie cops grab journo for reporting Facebook vuln demo

A tech writer attending the AusCERT conference in Queensland says he has been arrested and released by Queensland Police over a story written at the conference. Ben Grubb, a journalist for the Fairfax stable of newspapers, flicked off a short Tweet after his arrest: "I've been arrested by Queensland Police for a story I wrote …


Biting the hand that feeds IT © 1998–2018