Technology news for Australia's largest enterprises
These search results are from across the Techday network of sites
Popular enterprise printers riddled with security risks
Researchers from NCC Group analysed different aspects of six mid-range enterprise printers manufactured by HP, Ricoh, Xerox, Lexmark, Kyocera, and Brother.
Check Point: Attackers executing commands remotely with latest malware
Threat actors are quick to try and exploit new vulnerabilities when they emerge, before organisations have had the chance to patch them.
F5 Networks' BIG-IP load balancer product vulnerable to attack
Organisations that use F5 Networks BIG-IP load balancer should immediately check their configurations to ensure they are protected from potentially serious security issues.
Cohesity launches new vulnerability scan using backup data
The application works by scanning backup copies on to identify any vulnerabilities across an organisation’s IT environment.
Vulnerabilities in cloud containers soar, report finds
“Cloud technology and adoption has obviously skyrocketed, so it’s no surprise that vulnerabilities within cloud technology will increase."
Huawei working to patch critical security vulnerabilities
Huawei is proactively working with Swascan researchers to fix the vulnerabilities, which could affect three main areas: confidentiality, integrity, and availability.
UPDATED: Orvibo & Arlo smart home products patched to prevent attacks
The security of smart home devices is once again under the spotlight this week, as two different device manufacturers come under fire for major vulnerabilities.
Major vulnerability found Electronic Arts gaming client
Once exploited, the vulnerabilities would have led to player account takeover and identity theft, Check Point and CyberInt found.
Slack users urged to update to prevent security vulnerability
Businesses that use popular messaging platform Slack are being urged to update their Slack for Windows to version 3.4.0 immediately.
ZombieLoad: Another batch of flaws affect Intel chips
“This flaw can be weaponised in highly targeted attacks that would normally require system-wide privileges or a complete subversion of the operating system."
Forget endpoints—it’s time to secure people instead
Security used to be much simpler: employees would log in to their PC at the beginning of the working day and log off at the end. That PC wasn’t going anywhere, as it was way too heavy to lug around.
PrinterLogic software vulnerable to remote attacks
The vulnerabilities affect PrinterLogic versions 220.127.116.11 and older.
Security alert: More than 2 million IoT devices are now junk
More than two million security cameras, baby monitors, and smart doorbells are affected by security vulnerabilities that could allow cybercriminals to hack devices and spy on homes.
Too many 'critical' vulnerabilities to patch? Tenable opts for a different approach
Tenable is hedging all of its security bets on the power of predictive, as the company announced general available of its Predictive Prioritisation solution within Tenable.io.
Aura Infosec discovers major Mozilla Firefox vulnerability
Alex Nikolova made the discovery while conducting a research project on the same-origin policy of various web browsers.
Sonatype and HackerOne partner on open source vulnerability reporting
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
Check Point names February’s most disruptive malware
Check Point’s researchers confirm Coinhive holds the top position in February's Top Malware index for fifteenth successive month before it shut down, while GandCrab distribution campaigns increase.
Logitech Harmony Hub vulnerabilities leave devs fuming
Logitech has bowed to public pressure and reinstated a developer firmware version of its popular Harmony Hub, after it was revealed that the Hub had critical security flaws.
GitHub's Bug Bounty program gets bigger
GitHub’s Bug Bounty program is now five years old and to mark the occasion it has revamped the program’s scope, rewards, and new legal rules.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Swiss Post asks public to hack its e-voting system
Switzerland’s postal service Swiss Post is inviting keen-eyed security experts and white hats to hack its e-voting system.
Security flaw in Xiaomi electric scooters could have deadly consequences
An attacker could target a rider, and then cause the scooter to suddenly brake or accelerate.
Bug makes Android phones hackable via PNG image files
This means any application handling PNG files that have been carefully crafted by an attacker can end up running the attacker’s code.
APRA Prudential Standard CPS 234: How to communicate with the board
The Australian Prudential Regulation Authority’s standard, CPS 234, is aimed at minimising the threat of cyber attacks for APRA-regulated entities.