The week in security: Feds blast lazy updaters as POS, BYOD threats persist

The confusion over whether GoDaddy was hacked or not (it apparently wasn't) highlights some of the intrinsic fear in the current environment, in which fraudsters are increasingly targeting financial outcomes from their nefarious schemes.

Claims that Eastern European cybercriminals are more sophisticated hackers than their Asian counterparts may be diminished after two Romanians pled guilty to hacking point-of-sale terminals to steal over $US10m from hundreds of Subway restaurants in the US. However, the arrests highlight a growing and dangerous attack vector with lessons for all. POS hacks have also bitten in Australia, with an Australian Federal Police officer telling the audience at Symantec's Symposium 2012 that many retailers were being targeted because they had failed to follow simple updating policies.

With device management proving ever more challenging in the era of mobile and cloud computing, many companies are instead pushing towards re-emphasising the role of identity management – which continues to face its own hurdles – as a key to controlling access to applications and data. Symantec was talking up its version of this at the event, where demonstrations highlighted the ability of its new tools to wrap identity-based security protections around existing applications.

Better application control has become essential for BYOD strategies to avoid being sideswiped by unforeseen threats from free apps, but manpower is as important as ever in security-protection efforts. The company also invested $1m in its Australian security facilities to bolster its worldwide network of malware busters.

With a recent survey finding half of companies have had Web application security problems, even these tools aren't likely to be a panacea. The iPhone 4S was among the latest platforms to demonstrate a lack of security, with a malicious Web page able to skim off a phone's pictures, address book data and browsing history. Researchers also hacked the developer version of the newly released iOS 6, which was engaged by vendors like PointPal and installed by 15 per cent of iPhone and iPad users within 24 hours of its release.

Government bodies were red-faced after a survey revealed that British workers ignore remote-access security rules more than their German and French counterparts. And Edinburgh City Council was in damage control mode after a laptop containing sensitive citizen data was stolen from a consultant's home, while hackers demonstrated how NFC cards can be manipulated to allow free travel on New Jersey and San Francisco subway systems.

In the new-features and -products arena, Denim Group released the first production-ready version of vulnerability management tool ThreadFix. Intel was pushing the security protections acquired in its buyout of security firm McAfee, which will integrate with Intel's 'ultrabook' laptops. RSA has reworked its EnVision suite with a new tool, Security Analytics, which is designed to help with event analysis and attack forensics. And startup Bromium has released one of a new breed of tools designed to improve security by creating 'microVM' virtual machines that encapsulate any kind of content in virtual containers.

Google's privacy practices have improved since its Street View dramas and the company was moving closer to adding 'Do Not Track' features to its Chrome browser, even as its Android operating system copped criticism for its poor vulnerability patching.

Speaking of vulnerability patching, Microsoft conceded that the recently discovered critical IE bug was being exploited in the wild, including in one attack that used the exploit to distribute PlugX malware.

Microsoft was working on a fix and released a one-click interim workaround, but in the meantime a security researcher suggested users switch browsers until the problem is fixed. No less than the government of Germany was advising the same.

Researchers finally cracked the password for a 'Flame' malware command-and-control server, providing a glimpse inside the botnet and revealing that the notorious malware may have been just one of four similar pieces of malware written at the same time. Also on the malware front, researchers identified malicious Internet traffic they've attributed to a new variant of the TDL4 malware. And security vendor Sophos was on the back foot after admitting a bad software update had caused false positives for a number of malware variants.

Last but not least, CSO's Reader Survey 2012 competition is open from now until 31 October; the prize is a 32GB Apple iPad 3.
