Also on the international front, security firm Mandiant was alleging that it had information about the Chinese-backed ‘PLA 61398’ cyber-army hacking into US firms. In an ironic twist, the report was used as bait in further spear-phishing attacks on Japanese and Chinese users, building on an Adobe Reader 0-day vulnerability.
Yet the cybersecurity environment is nonetheless heating up, as British prime minister David Cameron signed a cyber security deal with India. Others argued that the escalating cyberwar between the US and China could evolve into something resembling the Cold War. Users, however, need to make much better use of available security tools to improve their response time to spear-phishing attacks like that used in the Chinese hack.
In a relatively rare occurrence, Apple confirmed that it was hit by an internal malware attack while UK firm Tesco had called in the police after the details of a number of its Clubcard loyalty-program members were compromised.
A Malaysian government Web site was hacked with a faked ‘resignation’ from the country’s prime minister. And, in another sign that cyberhacking knows no boundaries, there were reports that China has been helping Zambia master deep packet inspection eavesdropping technology.
Meanwhile, spy agencies were keeping mum on reports that five countries were working together to declassify crucial security vulnerability and threat information. Also on the collaboration front, US university students are among those working to crack Chinese malware code.
New research suggests many Australian organisations aren’t as good at establishing disaster recovery plans as they think. Further damning evidence came from CERT Australia, which says many security incidents within Australian organisations are going unreported. Rounding out the trifecta was the revelation that a large volume of financial and health-related data had been dumped in Sydney rubbish bins where they could be easily compromised by identity thieves.
It’s not an idle threat: identity fraud in the US has reached its highest level in three years, recent data suggests. Most companies are struggling to fight the wave, with a Ponemon Institute report suggesting large organisations aren’t good enough at managing trust infrastructure assets like encryption keys and digital certificates.
Doing its part to stave off trouble, Adobe was busy preparing a fix for a PDF Reader 0-day vulnerability, then released emergency patches for vulnerabilities being actively exploited by attackers. Facebook was hit by a sneakily crafted Chrome extension that artificially boosts ‘likes’ on the site. Apple released a patch for the battery-life problems that had been plaguing Exchange-using customers running iOS 6.1.1.
Mozilla debuted in-application PDF reading for its Firefox browser and patched 13 bugs in the platform, while Kaspersky Labs was still mopping up after a botched antivirus update that is causing major problems for enterprise users.
Also causing problems is Java – which, Apple confirmed, was the vector by which it was hacked. Recognising the growing problems with the platform, Oracle not only released a new round of fixes but sped up its patching cycle for the platform, addressing claims that it has been too complacent about ongoing Java problems. Apple also released a Java update for its own version of the platform. Many Mac users, however, may want to disable Java completely.
Java isn’t the only major problem facing Mac users, however: new malware that bypasses Mac OS X’s Gatekeeper was discovered,
Meanwhile, NBC.com and Zendesk joined the just-been-hacked club. And Oxford University was facing its own problems – with phishing – and briefly blocked Google Docs because of them. Twitter implemented anti-phishing standard DMARC in an effort to fight such activity, but phishing is far from the only threat out there: other types of attacks are also growing in frequency, with ransomware in particular becoming more rampant over time.