The week in security: As bugs persist, maybe Australians really should care more about privacy


Australia’s government may have been moving to tighten data privacy and access laws, but Australians aren’t all that fussed by any of it, according to new figures.

That’s probably not great since those same people are happily snapping up Internet of Things (IoT) devices that, new research confirms, are getting less secure rather than more secure.

IoT security is just one of the issues on the radar as Australia’s security community continues to improve itself, and the new AustCyber Canberra node will help bring together industry and academia to address it and many other ongoing security challenges.

This will be of particular help in Canberra, where public-sector agencies are especially concentrated and facing very real issues around network visibility.

Distributed denial of service (DDoS) attacks may get a whole lot bigger after researchers found a way to amplify traffic by up to 15,300 percent by exploiting misconfigured WS-Discovery in devices.

Researchers also captured details of attacker strategies by analysing a new botnet attack.

Meanwhile, a glitch in Microsoft’s Windows Defender anti-malware tool was creating problems for the scanning of systems for malicious files.

Bug hunting was big news during the week, with GitHub acquiring Semmle to speed up the hunting of bugs in open-source projects.

Atlassian’s Jira bug-tracking software was found to have a few bugs of its own.

With all these bugs flying around, you’d think bug bounty programs would be a great way to keep up. Yet a study has found that the programs are often “inefficient and expensive”.

Copyright © 2019 IDG Communications, Inc.
