The week in security: Warnings on Rio Olympics cybersecurity, YouTube phone takeovers

Cybersecurity researchers tried a new tack by introducing security bugs to teach bug-finding tools how to find software bugs, while Google was working on techniques that might stop quantum computers from being able to crack encryption methods in wide use today.

Experts were warning about nine critical controls that companies need to keep up with the changing cybersecurity landscape, with a range of devices and techniques available to help mitigate insider threats. Warnings even extended to visitors to the coming Rio de Janeiro Olympics, where careless use of Wi-Fi and other online activities could lead to heartache for visitors.

The European Union was cracking down on cybersecurity, with plans to tighten regulatory requirements on Bitcoin exchanges and news of a plan for a public-private partnership investing $US2 billion ($A2.8b) in cybersecurity research, while a study of network-based attacks suggested that malware authors were relying on common and legitimate networking tools to probe networks once malware had secured access to target networks.

That process is often easier than it should be, with one company ex-employee held to have acted illegally by using the login credentials of a current employee to gain access to the company network. Researchers warned that a smartphone could be remotely controlled with voice commands hidden in a YouTube video, while a flaw in D-Link cameras would allow remote takeover of more than 120 cameras and products from that company.

A second man pleaded guilty to using a phishing scheme to hack photographs and other private information of famous LA-based entertainers; this, as Apple bragged that the high price for iOS exploits suggests that the company is doing a good job with its security efforts.

This, as security researchers discovered a Tor-powered backdoor that was targeting Apple Macs and a backdoor that steals credentials stored in the operating system's encrypted Keychain. Meanwhile, Google released a massive Android update that fixed more than 100 security flaws in Android. Security firm Avast! Offered $US1.3 billion ($A1.8b) to buy rival AVG Technologies, while US fast-food chain Wendy's became the latest big-name business to be hit by credit-card hacking. Hospitals were also facing a growing security threat while there were warnings that increasing cloud use was leaving many adopters vulnerable.

Yet despite the exposure of such breaches, UK authorities were concerned that billions are being lost to cybersecurity without ever being reported. US consumer authority the Federal Trade Commission (FTC) launched an investigation into hacked adultery Web site Ashley Madison, while there were warnings that employee use of social media carries risks as well as advantages.

Along similar lines, the US government closed its investigation into presidential candidate Hillary Clinton's personal email system.

Tags Wi-FiyoutubeOlympicssoftware bugsQuantum computersD-Link Systems

Show Comments