The week in security: Building the open-source SOC; 215m Aussie malware hits last year

How do you get high-end security-monitoring skills without the high-end price? Industrial giant BlueScope recently found out after its CSO worked with a key service provider to build a robust, global security operations centre (SOC) using open-source components.

Australia's oft-lamented cybersecurity skills shortage is suffering additional problems due to brand-recognition issues amongst young Australians, new research suggests.

Just as the FBI was advising that many ransomware victims should just go ahead and pay the ransom, the Dridex botnet is up and running again, despite one of its creators being arrested in August. Also on the arrests front, UK authorities arrested a 15-year-old boy in relation to the recent TalkTalk data breach. Authorities also figured out that just one cybercriminal group may be getting all the revenue from Cryptowall 3.0 ransomware.

And, in an interesting twist, it appears Iranian hackers are getting tech support on local-language online support forums. Iranian hackers were also showing interest in Android spying tools that can secretly pull data from target devices.

Regulatory body ACMA reported detecting some 215m instances of malware on Australian computers in the last year. ACMA didn't directly make the link, but it may be more than coincidence that figures suggest 80 percent of PCs are running expired versions of the notoriously vulnerable Adobe Flash plugin. Many systems were also hit by DDoS attacks that, reports suggest, are increasingly targeting specific third-party applications as well as ubiquitous network-management protocols.

Fujitsu believes using biometric data to generate encryption keys could save some troublesome intermediate security steps. Speaking of troublesome intermediate security steps, Google was pressing Symantec with a please-explain after the certificate-authority giant was found to have issued rogue digital certificates for Google domains.

In a move highlighting the risks of committing to the cloud, Intel Security will be discontinuing McAfee's SaaS product lineup – with implications for sysadmins. Also on the software side, a survey of Windows computers found that many Windows users forget to patch their Apple programs.

Microsoft was offering advice in US Senate hearings, with recommendations that punters just hang up on tech-support scammers. Also in the US Senate, legislators were poised to weigh up a controversial information-sharing act designed to improve sharing of cyberthreat information across industries by giving companies immunity from lawsuits. Also overseas, the European Union is encouraging research into mission-critical application security by funding work into car, hospital and airport-IT security. US authorities were working on device-security research, but from a different angle – tweaking copyright law to legalise hacking of such devices for research purposes.

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts