Jeremy KirkAustralia Correspondent, IDG News Service

Jeremy reports on security and regional news for the IDG News Service.

usbflashdrive

Chinese hacker group among first to target networks isolated from Internet

APT 30 has been operating since 2005 without significantly changing its attack methods, FireEye said. Its target? "Air-gapped" networks that are supposed to be physically isolated from the Internet.

PCWorld News

White Lodging Services confirms second payment card breach

Security measures put in place after a first breach last year failed to stop hackers from striking again

PCWorld News

Encryption startup Vera locks down transferred documents

The company's software applies a strict regime of rules over who can open a file

hackingback

ISIS sympathizers exploiting WordPress plugins to hack websites, FBI warns

The plugins are low-hanging fruit, but the attacks have been widespread and disruptive, the FBI said

PCWorld News

SingTel acquires TrustWave for managed security services

TrustWave will become a standalone business unit of SingTel and not curtail its services

PCWorld News

Linux Australia breached, personal details leaked

The group is advising conference attendees to change their passwords

PCWorld News

Wider use of HTTPS could have prevented attack against GitHub

EFF said the GitHub attack reinforces the case for using HTTPS

PCWorld News

EFF questions US government's software flaw disclosure policy

The government hasn't shown that it is improving its zero-day flaw notification efforts

hackingback

GitHub recovering from massive DDoS attacks

The DDoS attacks were aimed at two GitHub-hosted projects fighting Chinese censorship.

PCWorld News

An SDN vulnerability forced OpenDaylight to focus on security

The SDN project now has a security response team to quickly handle new vulnerability reports

facebook

Facebook's Like button can still easily be gamed

Many websites are not using updated APIs that would prevent Likes from being easily faked

PCWorld News

Egyptian company says rogue Google SSL certificates were a mistake

MCS Holdings says it deleted the certificates after it was notified

hack security malware

Zero day exploits and browser vulnerabilities spiked in 2014

Secunia found that overall more than 83 percent of vulnerabilities had patches ready when the flaws became public

android devil malware

Android flaw puts personal data at risk for millions

A flaw in Android could allow apps to be modified or replaced by malware, Palo Alto Networks said.

PCWorld News

Security startup records a year's network data

Lightweight sensors record network data so admins can go back and analyze it