The week in security: Hackers compromise smartphones, ATMs, voting systems and Mac protections

Australian security specialist firm Redcore was snapped up by global consulting giant Accenture in a move to fill out its security capabilities. Those capabilities are being driven not only by the rush to build out security skills, but by the desire to be more deeply involved in a culture of threat intelligence and sharing that experts believe is helping level the fight against hackers.

Hackers continued their push to compromise platforms that had previously been seen as relatively secure, with smartphone infection rates doubling in the first half of 2016 and malware authors using legitimate Apple developer IDs to embed malware in a malicious version of Mac OS X BitTorrent application Transmission.

The situation has gotten so bad that Finnish authorities are advising people not to take their mobile phones when they travel overseas. Yet even as human security experts contemplated best practices for improving security, one strategist was arguing that artificial intelligence will help self-contained, virtualised application containers become better at proactively managing themselves.

Speakers at the Trend Micro CLOUDSEC conference were warning about the impact of customer-focused strategies on security and weighing up the state of corporate security aspirations.

Even as Romanian hacker Guccifer was sentenced to 52 months in a US prison, the US FBI was warning that hackers are targeting state election databases and had been able to hamper voting by deleting records, while security researchers identified malware that may have been used for ATM thefts in Thailand.

Dropbox may have been enhancing its collaboration capabilities but the company's users faced a major password reset after 68m passwords were compromised – serving as a reminder on the importance of regularly updating passwords.

Also in trouble on the password front was OneLogin, where the compromise of an employee's credentials led to an embarrassing breach. Analysis of data stolen in the 2012 hack suggested hackers had stolen data on 43 million users, while WhatsApp was in the firing line from privacy groups that complained about changes to its privacy policy.

Figures suggested Australian targets were increasingly popular with ransomware perpetrators. New ransomware was found to be deleting files from Linux Web servers, while another strain called FairWare targeted the Redis database and there were warnings that attackers were hijacking HTTPS traffic by deploying rogue proxies.

Reports said that cybercriminals have figured out a way to make skimmers to steal the data from EMV-enabled cards, while startup Keezel was offering a device designed to secure hotel WiFi connections and other providers were lauding the arrival of iris scanning as a means of improving endpoint security.

Join the CSO newsletter!

Error: Please check your email address.

Tags Trend Micro CLOUDSECX BitTorrenWiFi connections#cloudsecsecurity capabilitiessecurity awarenessaccentureOneLoginhackervoting systemsIdentity & AccessATMsplatformsMac protectionsRedcoreApple developer IDCSO AustraliaKeezelsecurity aspirationsdropbox

More about AppleDropboxFBILinuxTrend Micro

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts