In pictures: AusCERT 2014 awards night
Candles and classical music bought some old world charm to AusCERT’s 13th annual Australian Information Security Awards.
A flaw in the widely used OpenSSL library could allow man-in-the-middle attackers to impersonate HTTPS servers and snoop on encrypted traffic. Most browsers are not affected, but other applications and embedded devices could be.
The first thing an IT security executive should do after the corporate network has been breached is fall back on the incident response plan that was put in place well before attackers got through the carefully constructed defenses.
A vulnerability in Android's default Web browser lets attackers spoof the URL shown in the address bar, allowing for more credible phishing attacks.
A critical vulnerability in code used by several virtualization platforms can put business information stored in data centers at risk of compromise.
The mystery high-severity flaw that people were expected to be fixed in OpenSSL is no Heartbleed, but it is serious and users should update.