The week in security: Malware spike raises urgency of threat sharing

In a case of life imitating warnings, the US government appointed a new White House cyber security chief and was hoping China would agree to rules the US wants to impose on potential cyber wars, while the domestic security industry was largely happy to hear about efforts to bring CREST accreditation to Australia.

Efforts to improve sharing of threat information don't always go smoothly, but over 1000 US defence contractors seem determined to change that by voluntarily sharing information about cyber threats (and potentially nobbling the CISPA legislation in the process); could a similar program work in Australia?

Others are concerned about sharing of a less benevolent kind, as the heavy use of wireless in healthcare environments sets some people worrying about healthcare data security. CSO also featured the story of bus transport group Grenda Security, which, aiming to quash its own concerns about data security, has revisited its server and security infrastructure to accommodate its new reliance on virtualised infrastructure.

It's not the only one: Eugene Kaspersky, who did the rounds throughout Australia on the back of appearances at AusCERT and CeBIT, warned that Apple is still way behind Microsoft in terms of its security. Apparently Yahoo wasn't doing too well either, with the company forced to update its Axis extension for Google's Chrome browser after a slight snafu with its private key that let anybody sign extensions using Yahoo's credentials; on a related note, researchers were suggesting a way to use Transport Layer Security (TLS) protocol extensions to help browsers automatically figure out when they're presented with fraudulent certificates.

Even as Intel launched a cloud-based single sign-on service, some industry figures were asking whether cloud-based security is actually cheaper than the alternative. An Armenian malware author was sentenced to four years in prison for creating the Bredolab malware, even as Anonymous claimed it hacked a US Department of Justice website.

Malware fighters were kept busy by news of a cross-browser worm that spreads via Facebook and new banking-industry Trojans that spread via an online scam and hijack users' webcams and microphones. Indeed, statistics from McAfee suggest we've just come off the busiest quarter for PC malware in recent history.

Straight from the what-could-possibly-go-wrong department, a new SDK from Soti allows remote control of mobile applications on iPhones, iPads and iPod touches. Similarly, straight from the ‘we-learned-the-hard-way-what-could-go-wrong’ department, Microsoft took down its Bing Streetside site in Germany after getting too many complaints that it's a privacy intrusion.

And Google, which faced eight new vulnerabilities in its products after they were announced by researchers, is in the process of notifying half a million people that their systems may be infected with DNSChanger malware; is still copping scrutiny from EU regulators over its privacy-policy changes; and may face new investigations after lawmakers pushed the US Department of Justice to reopen its investigations into Google's Wi-Fi snooping.

It doesn't take a malware hit to cause a privacy breach, but a new survey debunked popular belief by concluding that the US Patriot Act won't actually give the US government special access to personal data stored in US-based cloud services. It may be more useful for companies to focus on robust destruction of their confidential data when it's no longer necessary, some experts say, while a report from security firm Onapsis found that over 95 per cent of tested SAP systems hadn't been patched enough to be considered secure anymore.


Stories by David Braue
