Full RSS Feed
Receive
the Free CMSWire NewsletterThis week in GRC, the issue of security features prominently with security issues around Android identified by Symantec, McAfee opens a new data center in the UK as part of its ongoing drive to provide content backup and security, Clearwell adds a legal hold module and ProofPoint releases a cloud-based email security and compliance package.
Malicious Android Update
With all the interest in smartphones recently and all the problems with securing content in phones, this week there was news from security vendor Symantec (news, site) that the most recent update to its Android mobile operating system has already been the target of hackers.
According to a blog post from Mario Ballano of Symantec, the company has found an application called Android Market Security Tool that is a malicious version of the Google update of the same name that sends SMS messages, if instructed to do so by a command-and-control server.
The code, according to the blog, was found in an uncontrolled third-party Chinese marketplace. The blog also says that the code used in the new threat is based on a project hosted on Google Code and licensed under the Apache license.
The original Google version of the patch was offered to users who had downloaded apps affected by the Droid Dream virus, after which Google pulled nearly 50 apps from its marketplace and removed them from handsets using a kill switch.
The blog adds that analysis of the application is still ongoing, while Google advises users — again — to download applications only from somewhere they trust. Check out the blog for more on this.
McAfee Expands Data Security
Following last week’s announcement that Intel’s acquisition of McAfee is finally complete, both companies got back to business as usual with McAfee (news, site) continuing to expand its cloud offerings with the opening of a new data center in London, UK, that will be used to support its security-as-a service business.
This is the fifth such center in the past year, with another new center expected to open in the coming weeks too. According to McAfee, the opening is part of its ongoing strategy to develop Web and email security as well as its ability to offer enterprises vulnerability management.
The idea behind the centers, which are now located in Australia, the US and Japan as well as the UK, and to which Hong Kong will be added in the coming months, is to provide a failsafe system for McAfee users, who won’t notice if the data center they are using goes down.
The strategy will see each region McAfee is operating in offering two centers, each backing up the other so that in the event of a fault, the other center of that region will pick up the load.
McAfee has been pushing its cloud-based security offerings a lot over the past few months and with these centers aims to quarantine threats in the cloud before they arrive in enterprise networks — a question of acting rather than reacting.
Continue reading this article:
Email It
