The week in security: Windows servers, iOS, Macs softer targets than you want to believe

Companies need to recognise that technological fixes can only extend the secure life of old platforms so far, one security expert warned. It is, after all, impossible to outspend every attacker trying to get to your systems. Sometimes, instead, the best answer is to look to completely new technological approaches – such as the synchronised firewall-endpoint linkages in new security tools launched this week by Sophos.

Identity and access management vendor ForgeRock was also exploiting the potential of new technologies, strengthening its ANZ presence as it ramps up its APAC investments in anticipation of strong demand. This came as a study suggested that poor privileged-account management on Windows servers is quite common and could leave entire networks exposed.

Even as cybercriminals began looking to video ads to distribute their malware, Mac users were being warned about the arrival of Mabouia, the first crypto-ransomware for the previously ransomware-free platform – although not everyone agreed that the threat was a real concern. Also on the Apple front, there were claims that applications written for the iOS mobile operating system have even more vulnerabilities than those for rival Android.

A hospital in the US state of Connecticut paid $US90,000 over a stolen laptop that contained sensitive medical data, while US telco Comcast was forced to reset nearly 200,000 passwords after it was informed that its customer details were being sold on the Dark Web. Three people were indicted in the hacking of major financial house JPMorgan, while reports from the UK suggested the recent hacking of that country's telco TalkTalk will cost up to $US53m ($A75m).

There were concerns about significant security flaws in SAP's HANA platform, while Microsoft drew attention as it partnered with Deutsche Telekom to store Germany-based customer data within that country. That vendor also raised eyebrows after a Patch Tuesday update caused major issues for many Microsoft Outlook users.

An Indiegogo project was designed to destroy a PC's USB port – perhaps a rather extreme solution to the issue of data leakage via USB stick. Yet it might be a popular one in security-conscious environments – particularly given that a new study has cast doubt on the supposedly stronger encryption in self-encrypting USB drives.

One CISO, however, was betting on cloud security services to protect his customers' data. It's one approach to security for CISOs – but there are seven more tips that one consultant believes will help CISOs stay ahead of their security threats.
