The Windows 10 security guide: How to safeguard your business
Featured Stories
Articles about Security
Home Affairs proposes cyber regulations and legal immunities to respond to threats
Private companies running systems of national significance need to hand over information on networks and systems if requested by Home Affairs.
Microsoft August 2020 Patch Tuesday fixes 120 vulnerabilities, two zero-days
Microsoft says attackers have used a Windows zero-day to spoof file signatures and another RCE in the Internet Explorer scripting engine to execute code on users' devices.
Threema joins the ranks of E2EE chat apps that support encrypted video calls
Other E2E chat apps that support encrypted video calls include Signal, WhatsApp, Wickr, and Wire.
Smackdown: Enterprise monitoring vs TLS 1.3 and DoH
New encryption standards TLS 1.3 and DNS-over-HTTPS are sweeping the last crumbs of visible user activity off the enterprise network table. Fail to take any action, and within two years, you'll lose the ability to analyze network traffic and detect the cyberthreats that will endanger your organization.
Slack enhances data security controls with new features
Giving administrators more control and visibility while enabling external collaboration to occur securely.
Mozilla lays off 250 employees while it refocuses on commercial products
Mozilla: "Our pre-COVID plan is no longer workable."
Ransomware: These warning signs could mean you are already under attack
File-encrypting ransomware attacks can take months of planning by gangs. Here's what to look out for.
Security researcher publishes details and exploit code for a vBulletin zero-day
Proof-of-concept exploit code available in Bash, Python, and Ruby.
1Password is coming to Linux
One of the most popular password managers, 1Password, is finally releasing a desktop Linux client.
A mysterious group has hijacked Tor exit nodes to perform SSL stripping attacks
At one point, the group ran almost a quarter of all Tor exit nodes. Group still controls 10% of all Tor exit nodes today.
Have I Been Pwned to release code base to the open source community
Troy Hunt has made the decision following an unsuccessful attempt to have the platform acquired.
ACCC says bank screen scraping warnings are not anti-competitive
Warnings about handing over bank credentials to others are general security warnings, not seen as trying to lessen competition.
FBI says an Iranian hacking group is attacking F5 networking devices
Sources: Attacks linked to a hacker group known as Fox Kitten (or Parisite), considered Iran's "spear tip" when it comes to cyber-attacks.
IGIS still calling for more staff to provide oversight of ASIO's encryption-busting powers
This is in addition to the extra personnel that would be required if the Inspector-General of Security's jurisdiction expanded to four more intelligence agencies.
China is now blocking all encrypted HTTPS traffic that uses TLS 1.3 and ESNI
The block was put in place at the end of July and is enforced via China's Great Firewall.
Apricorn Aegis Secure Key 3NXC
The new Aegis Secure Key 3NXC builds on Apricorn's Secure Key 3z and Aegis Secure Key 3NX, taking the same proven form-factor and physical keypad, and adding something that users have been asking for -- USB-C support.
YubiKey 5Ci Clear Limited Edition
Transparency in security.
Certo AntiSpy iPhone Spyware Detection
Certo AntiSpy is not an app. Instead, it is a utility that you download and install on a Windows or Mac, and you use that to scan a backup of your iOS or iPadOS for subtle signs of intrusion.
Android Smart Lock -- in pictures
Would you like to spend less time unlocking your Android smartphone? Android has you covered.
Inside an encrypted external hard drive -- in pictures
Quite a few readers have expressed an interest in seeing what's inside a super-secure DataLocker DL3 encrypted hard drive. Well, let's get the screwdrivers out and take a look!
iVerify: Added security for iPhone and iPad users
I'm usually wary of security apps, but iVerify by Trail of Bits is different. It comes highly recommended and offers a lot of features in a small download.
DataLocker DL3 in pictures
External hard drive featuing AES 256-bit XTS mode encryption and a built-in LCD keypad.
The worst IoT, smart home hacks of 2020 (so far)
Millions of us have adopted smart home and IoT devices, but these products continually prove themselves to be vulnerable endpoints. Here are some of the most noteworthy IoT cyberattack examples of this year.
DataLocker Sentry K300 encrypted micro SSD in pictures
Time to dump those cheap dollar-store flash drives, or the ones you picked up at a trade show and get a encrypted micro USB SSD that would impress James Bond.
The biggest hacks, data breaches of 2020 (so far)
Despite a worldwide pandemic, cyberattackers haven't stopped poking holes in our defenses. These are the worst incidents so far in 2020.
Minut privacy-based smart home sensor in pictures
Minut is a noise, temperature, and motion sensor that has been built for privacy that's aimed primarily at the short-term rental market -- think Airbnb, that sort of thing.
Dynabook 10th-gen Intel Core processor Portégé X Series laptops
These laptops conform to Microsoft’s Windows 10 Secured-core PC requirements and have been tested to meet or exceed MIL-STD-810G standards.
eWBM Goldengate FIDO2 Level 2 security key (in pictures)
The world's first and currently only FIDO2 Level 2 security key with built-in fingerprint reader.
All the major Intel vulnerabilities
A list of all the major vulnerabilities that impact Intel processors.
The most dangerous iOS, Android malware and smartphone vulnerabilities of 2019
Malware which resists removal to covert spying on locked smartphones -- mobile threats are becoming more complex and dangerous with each year that passes.
Commonwealth entities left to self-assess security in cloud procurement
With the government's Cloud Services Certification Program now shuttered, Commonwealth entities will be required to perform their own due diligence when procuring cloud services.
1,050 data breaches reported to Australian commissioner in 12 months
As health continues to hold crown as most breached sector in Australia.
White hat hacker reveals the real job of an infosec pro
ZDNet Security Update: Danny Palmer talks to Bugcrowd's Anna Westelius about what it takes to work in the field of information security and why more diversity is needed to drive the industry forward.
Hackers could sniff your data as its transmitted by satellites
Black Hat 2020: A researcher at Oxford University has demonstrated how he could gain access to sensitive information on corporate networks by targeting traffic being transmitted by satellites.
What happened when Black Hat went virtual
Danny Palmer tells Karen Roby about some of the research to come out of the Black Hat cybersecurity conference - and what impact going virtual has had on the event. Read more: https://zd.net/2C32RFp
OkCupid: As dating app use grows during lockdown, be aware of security issues
Researchers discovered a way to steal the personal and sensitive data of users on the popular dating app.
North Korean group behind phishing attack against US defense and aerospace firms
Cyber-security firm McAfee publishes details about "Operation North Star."
Psychological targeting: Smartphone usage data can predict user's personality type
Research shows that smartphone usage patterns can reveal four of the five key personality traits.
Why Iranian hacking operations could be a threat to your network
ZDNet Security Update: Danny Palmer talks to Rafe Pilling, senior security researcher at Secureworks, about the rise of state-backed cyber attacks coming out of Iran and how to protect your network from falling victim.
US and UK cybersecurity agencies send a joint alert about QSnatch malware
QSnatch malware, first spotted in late 2019, has grown from 7,000 bots to more than 62,000, according to a joint US CISA and UK NCSC security alert.
Cyber crime on the rise during COVID-19 pandemic
Tonya Hall sits down with Uri Rivner, co-founder and chief cyber officer at BioCatch, to talk about the increase of cyber attacks to remote accessing softwares, mobile devices, and identity theft during the pandemic.
Eftpos develops micropayment proof-of-concept with Hedera Hashgraph
It's also trialling a digital identity solution with Australia Post.
FBI warns US companies operating in China of malicious tax software
Following two separate incidents, the FBI is now warning US companies about backdoors in Chinese tax software.
Ransomware: Hackers strike and football club defences are exposed
Cyber criminals are targeting sports teams, leagues and organisational bodies – and in many cases, their attacks are successful, warns the NCSC.
IBM's financial services cloud: New in-built dashboard and a stronger ecosystem
The new dashboard will allow companies to monitor security and enforce compliance across their workloads.
Top Stories
-
![China is now blocking all encrypted HTTPS traffic that uses TLS 1.3 and ESNI]()
Security
China is now blocking all encrypted HTTPS traffic that uses TLS 1.3 and ESNI
-
![Ransomware: These warning signs could mean you are already under attack]()
Security
Ransomware: These warning signs could mean you are already under attack
-
![Garmin services and production go down after ransomware attack]()
Security
Garmin services and production go down after ransomware attack
-
![Windows 10 2004 issues: Now browser bugs hit – Edge startup launches, Chrome sign-outs]()
Enterprise Software
Windows 10 2004 issues: Now browser bugs hit – Edge startup launches, Chrome sign-outs
-
![Australia's COVIDSafe contact tracing story is full of holes and we should worry]()
Security
Australia's COVIDSafe contact tracing story is full of holes and we should worry