Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow an attacker to execute arbitrary code. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications. […]
Cybersecurity
Proof-of-concept iOS exploit released by Google’s Project Zero
A security researcher for Google’s Project Zero team has released a proof-of-concept iOS exploit that takes advantage of another Broadcom Wi-Fi issue. The vulnerability abused by Gal Beniamini, a security researcher for Google Project Zero based in Israel, was found in the same Broadcom BCM4355C0 Wi-Fi chips affected by the Broadpwn […]
MacOS can be exploited to reveal keychain passwords, researcher warns
Launched just days ago, the latest release of Apple’s operating system for Macs contains a known zero-day vulnerability that could allow attackers to exfiltrate passwords from the user’s keychain. The flaw is also in older versions of macOS, so Mac users are affected regardless of whether or not they upgraded their systems. Patrick […]
Guide to securing personal information
Introduction: This ‘Guide to securing personal information’ (Guide) provides guidance on the reasonable steps entities are required to take under the Privacy Act 1988 (Cth) (Privacy Act) to protect the personal information they hold from misuse, interference, loss, and from unauthorised access, modification or disclosure. It also includes guidance […]
Apple’s iOS 11 release prevents backdoor exploit on Wi-Fi chips
Apple’s release of iOS 11 patched an out-of-bounds write vulnerability in Wi-Fi chips that, if exploited, could have allowed attackers within range to execute arbitrary code on the firmware. Designated CVE-2017-11120, the bug was discovered by team researcher Gal Beniamini, and is comparable to the Broadpwn vulnerability found in Broadcom chipsets earlier this year. Following Apple’s Sept. […]
Cisco Closes Backdoor to Umbrella Virtual Appliances
Cisco Umbrella is a cloud-based Secure Internet Gateway (SIG) designed to provide visibility and protection for devices on and outside the corporate network. Virtual appliances allow organizations to map internal IPs to internal Active Directory users and computers, and forward external DNS queries from the network to an Umbrella data […]
Cyberwar: A guide to the frightening future of online conflict
What is cyberwar? At its core, cyberwarfare is the use of digital attacks by one country or nation to disrupt the computer systems of another with the aim of creating significant damage, death or destruction. What does cyberwarfare look like? Cyberwar is still an emerging concept, but many experts are […]
Achieving long-term resilience with NIST’s Cybersecurity Framework
The laudable aim of the National Institute of Standards and Technology (NIST) is to build a common language through a set of best practices and security principles that any organization can apply to combat cybercrime. We’ve looked at what NIST’s Cybersecurity Framework can do for you. We’ve also drilled a little […]
Russian Cyber Hacks on U.S. Electoral System Far Wider Than Previously Known
Russia’s cyberattack on the U.S. electoral system before Donald Trump’s election was far more widespread than has been publicly revealed, including incursions into voter databases and software systems in almost twice as many states as previously reported. To read the original article: https://www.bloomberg.com/news/articles/2017-06-13/russian-breach-of-39-states-threatens-future-u-s-elections
Malware Slipped into CCleaner Could Steal PC User Data
Anyone who’s recently downloaded CCleaner, a PC optimization tool developed by London-based Piriform, should update the software immediately to avoid malware that was inserted into one version of the program. It’s uncertain how the malware was slipped into CCleaner, a utility program that Piriform said has been downloaded some 2 […]