Articles about infosec


Oz military megahack: When crappy defence contractor cybersecurity 'isn't uncommon', surely alarm bells ring?

While Australia's federal government scrambles to hose down a hacking incident, it's important to ask why a defence contractor of any size could run a network so insecure it exposed default administrative interfaces to the Internet. An Australian Signals Directorate (ASD) presentation to the Australian Information Security …

Welcome to the Rise of the Machine-to-Machine. Isn't it time to 'block off' some data ducts?

Sysadmin blog: Do you remember Web 2.0, Web 3.0 and so forth? It's marketing terminology that was popular at the turn of the millennium and was as used and abused as "cloud" is today. Underneath all the fluff, however, were solid and reasoned ideas about how technology would evolve and the benefits they'd bring. To understand where …
Trevor Pott, 1 Aug 2017

Quick, better lock down that CISO role. Salaries have apparently hit €1m

Salaries for chief information security officers (CISOs) at leading European firms have hit €1m (£850,000) as the threat of data breaches grows, City AM reports. An experienced CISO told El Reg that only his counterparts in merchant banks could hope for such a salary. "Outside of investment banking I think total packages of £ …
John Leyden, 22 May 2017

Australia's smart meter leaders lag in securing devices

Default passwords, unpatched firmware, unencrypted traffic: according to a report from a Canberra University research organisation, Australia's smart electricity meter rollouts are characterised by n00b-level security gaffes. The warning comes from the University's Centre for Internet Safety, which published its Smart Meters: …

FireEye execs exit, following hundreds of staff restructured into redundancy

FireEye has bid farewell to two of its top executives, who are departing on the heels of the hundreds of staff who left following CEO Kevin Mandia's restructure of the business last year. The enterprise cybersecurity outfit is still “on the path to profitability” according to Mandia, who announced the departures of his …

Ooooh, that's NASty. Security-watchers warn over man-in-the-middle risk

Updated: Vulnerabilities in network attached storage (NAS) devices made by QNAP Systems create a potential means for hackers to steal data and passwords, execute commands or drop malware on vulnerable kit, say security researchers. Researchers at F-Secure claim they have found a series of weaknesses in the firmware update process of …
John Leyden, 18 Jan 2017

Smart fingerprint padlock startup to $320k backers: Sorry for the radio silence

TappLock, a startup promising the "world's first smart fingerprint padlock" has claimed that issues with manufacturing in China were behind the months of silence which provoked aggrieved backers to contact The Register, fearing fraud. The padlock business had managed to raise over $320,000 on the crowd-funding site Indiegogo …

What do you call a firm that leaves customer financials unencrypted on a hard drive? RSA

A UK insurance business has been fined £150,000 for its lax security practices after a hard drive containing customers' unencrypted information was stolen. The hard drive disappeared from the offices of Royal & Sun Alliance insurance (ironically it prefers the abbreviation RSA) back in 2015. It contained 59,592 customers' …

DDoS script kiddies are also... actual kiddies, Europol arrests reveal

Law enforcement bods at Europol have arrested 34 users of Distributed Denial of Service (DDoS) cyber-attack tools and interviewed and cautioned 101 suspects in a global crackdown. Unsurprisingly, the users identified by Europol’s European Cybercrime Centre (EC3) were mainly young adults under the age of 20. The body worked …
Kat Hall, 12 Dec 2016

NCC stirs in 'lumpy' bits of Fox, produces sales gravy. But market still chokes

UK-based infosec outfit NCC Group has weathered a tricky summer period that involved some contract deferrals and cancellations while still managing to post a profit. Group revenues for the four months to the end of September increased to £79.6m compared to £58.5m in the same June to September period last year. The increased …
John Leyden, 20 Oct 2016

Singapore slings millions into ASEAN infosec

Singapore is slinging S$10 million (around US$7.2 million) into a fund to help infosec in ASEAN (the Association of South East Asian Nations). According to Singapore's Today Online, the money is for “resources, expertise and training”. The program was announced by Singapore's minister for communications and information, Dr …

US National Security Agency gets CREST smile

CREST, the UK-based certification and accreditation body for the infosec industry, has signed an agreement with the National Security Agency to take over its incident response accreditation programme. Supported by the Foreign and Commonwealth Office in the UK, which is seeking to promote the UK's professional cyber security …

UK Labour man Owen Smith: If you wanna be a leader, you gotta stop with that lens

The campaign for a leadership candidate for the UK's Labour party, Owen Smith, accidentally tweeted a photo that showed the login details for the campaign's phone bank system over the weekend. Security experts have chided the Labour leadership candidate for the cockup, which follows similar mistakes by organisers of the World …
John Leyden, 6 Sep 2016

Sealed with an XSS: Popular vulnerabilities probed

If we have internet-facing web servers (and other types of server, for that matter) we care about how vulnerable they are to attack. There are loads of services out there that you can use to probe your public-facing systems, and they'll tell you loads of useful stuff about why they might be vulnerable. But of course they're only …

Odds are your office is ill-prepared for network-ransacking ransomware

Organizations are unprepared for future strains of more sophisticated ransomware, a report by Cisco warns. The networking giant's 2016 Midyear Cybersecurity Report concludes that the next wave of ransomware is expected to be more pervasive and resilient. While current strains typically infect a single computer, future …
John Leyden, 26 Jul 2016

Australia gets one-quarter of a minister for national infosec

If you were hoping tech would get some kind of boost in the Turnbull government's third ministry, prepare for disappointment. Mitch Fifield retains communications, and Fiona Nash remains minister for regional communications – which at least means the telcos don't have to spend the time and energy getting to know capturing …

Israeli cybersecurity boom 'sustainable', argues industry’s father

Israel cyber week: The "father" of Israel's cybersecurity industry reckons the unprecedented growth in its security startup industry can be sustained. Isaac Ben Israel, who heads the Interdisciplinary Cyber Research Center (ICRC) at Tel Aviv University, estimates there are 400 cybersecurity firms in Israel. Together with more established …
John Leyden, 22 Jun 2016

The least stressful job in the US? Information security analyst, duh

Everyone knows that being an infosec analyst is a cushy job – but did you know quite how much? Because according to job website CareerCast, it is literally the least stressful job in the country. The company measured 11 stress factors, including the amount of travel, deadlines, competitiveness, physical demands, risk to your …


Biting the hand that feeds IT © 1998–2018