Week in security: BEC growth, vulnerability exposure eclipse expectations

Even as the northern hemisphere’s total solar eclipse dominated the week’s news, there were concerns that identity data can eclipse digital identity without the right supporting technology in place.

The results of poor data management and security can be disastrous, but without enough skilled staff it can be difficult for companies to keep up with their patching regimen. Enter RedShield, a New Zealand company that is moving into the Australian market with ‘shields’ that monitor and block outside attempts to exploit specific vulnerabilities.

Not all vulnerabilities involve poor patching, however: recent figures suggested the number of Australian companies falling prey to business email compromise (BEC) attacks is continuing to grow – with some 243 attacks last quarter highlighting a surging trend.

Google launched its latest major version of Android, 8.0 ‘Oreo’ – the O echoed the eclipse during which the launch was announced – with a range of security enhancements including a new updates framework called Project Treble and the Google Play Protect malware scanner.

The company was also clamping down on 500 apps that had been flagged as having suspect ad libraries – potentially threatening security problems for Android users.

Meanwhile, Zerodium boosted the potential reward for hacking encrypted messaging apps WhatsApp and Signal to $US500,000 ($A630,000) and made its $US1.5m ($A1.89m) iOS hack competition even harder.