Zero Day Weekly: Cyber national emergency, GitHub and Slack nailed, Android malware less than 1 percent

A collection of notable security news items for the week ending April 3, 2015. Covers enterprise, controversies, application and mobile security, malware, reports and more.
Written by Violet Blue, Contributor
Zero Day Weekly

Welcome to Zero Day's Week In Security, our roundup of notable security news items for the week ending April 3, 2015. Covers enterprise, controversies, reports and more.

  • The U.S. declared cybercrime a 'national emergency', threatening sanctions against hackers, online espionage: A White House executive order signed by President Obama this week declared a state of national emergency with regard to the threat of cyber attacks on US companies, authorizing a set of new sanctions against individuals or groups whose cyber attacks result in significant threats to US national security or economic health.
  • China's main digital certificate authority CNNIC got a beatdown this week when Google and Mozilla announced that updates to their respective browsers will remove trust (read: blacklist) the sketchy certificates. Mozilla explained its reasoning, saying "CNNIC had issued an unconstrained intermediate certificate, which was subsequently used by the recipient to issue certificates for domain names the holder did not own or control (i.e., for MitM)."
  • Android is a mobile malware target but the rate of "potentially harmful" Android app installs was cut nearly in half from Q1 to Q4 2014, according to Google's Android security year in review report released Thursday. In fact, Google found that fewer than 1 percent of Android devices had a "potentially harmful app (PHA)" installed in 2014. The report pulled from Google Play, the official Android app store; Verify Apps, which scans apps installed outside Google Play; SafetyNet, an app health check service for developers, and; Safe Browsing, which monitors phishing sites and malicious URLs.
  • Spying by the National Security Agency revealed by Edward Snowden will cost cloud and outsourcing providers about $47 billion in revenue over the next three years, but that sum is better-than-expected, according to a Forrester Research analysis. Forrester found that the PRISM program hurt U.S. cloud providers, but the revenue hit to U.S. cloud and outsourcing providers is less than initial projections because international customers upped security instead of leaving.
  • Salesforce.com Wednesday added mobile-based two-factor authentication to its stable of identity and access control technologies with the acquisition of Texas startup Toopher. The capabilities will be folded into Salesforce's cloud platform, according to a statement left behind on the now barren Toopher website. Terms of the deal were not announced. Toopher counts LastPass, MailChimp, and the universities of Oklahoma and Texas as its customers.
  • In the young, billion-dollar growth sector of threat intelligence, vendors are falling over themselves to offer a confusingly diverse array of threat intelligence products. That's because right now, organizations know they need to 'do' threat intelligence -- yet few understand, or can agree on what that means. A new threat intelligence whitepaper backed by the UK government waded through the confusion and snake oil salesmen to design a framework for threat intelligence that can be scaled to different sectors, sizes of organization, and organizational goals.
Editorial standards