The week in security: Building the open-source SOC; 215m Aussie malware hits last year

How do you get high-end security-monitoring skills without the high-end price? Industrial giant BlueScope recently found out after its CSO worked with a key service provider to build a robust, global security operations centre (SOC) using open-source components.

Australia's oft-lamented cybersecurity skills shortage is suffering additional problems due to brand-recognition issues amongst young Australians, new research suggests.

Just as the FBI was advising that many ransomware victims should just go ahead and pay the ransom, the Dridex botnet is up and running again, despite one of its creators being arrested in August. Also on the arrests front, UK authorities arrested a 15-year-old boy in relation to the recent TalkTalk data breach. Authorities also figured out that just one cybercriminal group may be getting all the revenue from Cryptowall 3.0 ransomware.

And, in an interesting twist, it appears Iranian hackers are getting tech support on local-language online support forums. Iranian hackers were also showing interest in Android spying tools that can secretly pull data from target devices.

Regulatory body ACMA reported detecting some 215m instances of malware on Australian computers in the last year. ACMA didn't directly make the link, but it may be more than coincidence that figures suggest 80 percent of PCs are running expired versions of the notoriously vulnerable Adobe Flash plugin. Many were also hit by DDoS attacks that, reports suggest, are increasingly targeting specific third-party applications as well as ubiquitous network-management protocols.

Fujitsu believes using biometric data to generate encryption keys could save some troublesome intermediate security steps. Speaking of troublesome intermediate security steps, Google was pressing Symantec with a please-explain after the certificate-authority giant was somehow producing rogue digital certificates for Google domains.

In a move highlighting the risks of committing to the cloud, Intel Security will be discontinuing McAfee's SaaS product lineup – with implications for sysadmins. Also on the software side, a survey of Windows computers found that many Windows users forget to patch their Apple programs.

Microsoft was offering advice in US Senate hearings, with recommendations that punters just hang up on tech-support scammers. Also in the US Senate, legislators were poised to weigh up a controversial information-sharing act designed to improve sharing of cyberthreat information across industries by giving companies immunity from lawsuits. Also overseas, the European Union is encouraging research into mission-critical application security by funding work into car, hospital and airport-IT security. US authorities were working on device-security research, but from a different angle – tweaking copyright law to legalise hacking of such devices for research purposes.

Tags: adobe flash, encryption keys, third-party applications, BlueScope, Security operations centre (SOC), CSO Australia, security-monitoring, Dridex botnet, open-source SOC, TalkTalk data breach, Aussie malware
