The week in security: Record DDoS reflects the magnitude of today’s threats

With so many threats emerging on a regular basis, the security landscape is only getting more threatening. Yet many companies are failing to update their defences even after they have been breached, according to new figures that highlight the enduring dangers of the IT-business security divide.

Technologists are reluctant to take dramatically divergent approaches, too: despite the availability of new security architectures that can take away most of the angst of the endpoint security, for example, many companies are still moving slowly to adopt them.

There are certainly more attacks than ever, and many of them involve cryptocurrency. Witness ComboJack malware, which switches Bitcoin wallets in the Windows clipboard.

Other new depredations included a rapidly-spreading Windows attack that drops cryptocurrency mining malware and a Cisco hard-coded password bug that gives attackers root access to Linux machines.

The pace of recovery is slow – as was obvious in Intel’s delays in issuing Meltdown/Spectre fixes for systems based on the Ivy Bridge and Sandy Bridge CPU families, two months after the massive vulnerabilities were discovered.

You could always invite attackers to try their best on your network, as one Latvian mobile operator did.

But that could easily backfire, what with new attack methods enabling record-setting distributed denial of service (DDoS) attacks that this week set worrying new peaks of 1.7Tbps.