Week in security: Authorities zero in on spyware, Dridex authors

Reports suggested that China had become the biggest source of Black Friday weekend fraud, even as the Australian Federal Police led a multinational effort to take down a spyware tool that had thousands of paying customers.

It was one small victory in the continuing battle against online nasties that also saw US authorities charge the operators of the Dridex banking Trojan and offer a $US5m bounty to boot.

That’s a big score in the push to fight back against fraud and clamp down on dodgy operators, but the politicisation of cybersecurity issues by the administration of US president Donald Trump has experts concerned that its overall cybersecurity strategy is undermining trust and objectivity – two critical elements of any data-driven business environment.

Speaking of trust, the evolution from long-used virtual private network (VPN) technology has sped up recently as security vendors migrate to zero-trust models that promise a much higher level of assurance.

Zero trust has come of age for enterprises and will be one of several key trends looking into 2020, according to McAfee Labs experts who warned the next year will see morphing threats including more convincing deepfakes and their use to bypass facial recognition.

Also on the horizon, the experts believe, is an expansion of ransomware attacks into two-stage extortion campaigns; a heightened profile for DevSecOps as containerisation drives a change in security controls; and the exposure of APIs as the weakest link in cloud-native threats, leaving them open to exploitation and penetration attempts.

Cloud’s most enthusiastic converts are rushing to the platform at furious speed, but many are still forgetting their security fundamentals in the process – leaving critical data far more exposed than they can afford it to be.

That’s not a good look in a world where security is everyone’s business, but Australian security innovator Datasec scored a big coup closing up loopholes for data exposure with an encryption tool that protects documents in transit to potentially compromised output devices.

Google was crowing about the security of its Android developers, noting that 80 percent of Android apps are encrypting traffic by default.

Yet there was no such positive spin around news that the popular PyPI website had inadvertently played host to a pair of Python package trojans.