The week in security: As Apple's iPhone 6S bows, App Store cull highlights persistent mobile-security issuesc

Australia's buoyant market for security products and services is outpacing the world and continues to attract international attention, with DNS-protection firm Infoblox ramping up its local team – addressing an issue becoming more pointed with the likes of Royal Caribbean Cruise Lines. Also pushing into the Australian market was iSIGHT, a threat-intelligence firm that opened its first local office this month and is predicting strong growth as demand accelerates.

Security issues due to too-complacent mobile users are nothing new – and experts were warning of potentially choppy waters ahead as the new iPhone 6S hit the streets – but vulnerabilities involving Apple removed a number of malware-infected apps from its App Store – are. Apple followed up with an effort to wean Chinese developers off of the malware-laden pirated version of Xcode that they had used to build the apps, offering faster access to legitimate copies of Xcode.

In more business-as-usual news Adobe fixed 23 critical flaws in its September Flash Player update, while a Google security researcher flagged ongoing bugs in security software from Kaspersky Labs.

Copyright holders were keeping quiet on a decision by new prime minister Malcolm Turnbull to push responsibility for online piracy regulation from the Attorney-General's office back to the communications portfolio.

Even as a report suggested healthcare firms are three times as likely to see data breaches than other companies, IBM is working to stop the siphoning of corporate information onto cloud-based storage systems. It was a trend also addressed by Taiwanese service provider Datiphy, and might be a good idea for the likes of recently-hacked US Office of Personnel Management (OPM) revised upwards the number of people whose fingerprints were stolen to 5.6m, up from 1.1m.

Cisco was reportedly developing a partnership with a Chinese partner to improve access to the local market. India's draft laws on encryption – suggesting that service providers keep unencrypted copies of all communication – drew concerns and were eventually withdrawn. The draft policies were in stark contrast to recommendations that US Congress members use encrypted smartphone apps like WhatsApp and Signal instead of conventional mobile networks.

Also on the international front, US national security advisor Susan Rice warned China on cyberespionage, even as a mooted US law requiring tech companies to report terrorist activity was dropped amidst concerns its provisions were overbroad and under-specific.

Join the CSO newsletter!

Error: Please check your email address.

Tags mobile-securityApple's iPhone 6Ssecurity productsadobeapp storeAttorney-General's office

More about AppleAttorney-GeneralCiscoGoogleInfobloxKaspersky

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place