IT Security Stories to Watch: Did Hackers Attack Apple's App Store?

Hackers have leveraged malicious code to attack apps commonly used on Apple (AAPL) iPhones and iPads in China.

And as a result, Apple tops this week’s list of IT security newsmakers to watch, followed by IBM (IBM), Vodafone (VOD) and the VisitorTracker malware. 

What can managed service providers (MSPs) and their customers learn from this week’s IT security newsmakers? Check out this week’s edition of IT security stories to watch to find out: 

1. Hackers target the Apple App Store

Apple last week said it was working remove malicious code added to several apps commonly used on iPhones and iPads in China.

Hackers created a counterfeit version of Apple’s software for building iOS apps, and apps built with the software enabled cyberattackers to steal data about users and send it to servers they controlled.

“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” an Apple spokesperson told BBC News. “We are working with the (affected) developers to make sure they’re using the proper version of [the software] to rebuild their apps.”

2. IBM launches Cloud Security Enforcer

IBM has released Cloud Security Enforcer, a tool that scans corporate networks for apps frequently used by employees and determines how to secure them. 

Cloud Security Enforcer is hosted on IBM’s cloud infrastructure, according to ZDNet. It detects unauthorized cloud apps and enforces data policies to protect users against cyberthreats.

3. Vodafone provides details about data breach

Vodafone last week released information about a data breach that occurred more than four years ago. 

Australian journalist Natalie O’Brien told The Guardian that her call and text records accessed by a Vodafone employee in Jan. 2012, shortly after she reported on a major data breach that took place within Vodafone Australia in January 2011. 

“[Vodafone] strongly denies any allegations of improper behavior,” Vodafone said in a prepared statement. “Our investigation into alleged privacy breaches in January 2011 was undertaken to determine if any [Vodafone] staff had breached privacy laws or engaged in any criminal behavior, not to discover the source of damaging media stories. As a result of our investigation, several retail staff were dismissed for breaches of [Vodafone] security policies.”

4. Introducing the VisitorTracker malware campaign

Hackers launched WordPress malware this month. Sucuri Security noted the new malware campaign, called “VisitorTracker,” has already affected thousands of WordPress users.

“[The malware] interacts with a secondary backdoor inside the site to force the browser to load [malicious content],” Sucuri Security wrote in a blog post. “We do not have a specific entry point determined yet, but it seems to be a campaign targeting latest vulnerabilities in plug-ins.”

What are your thoughts on this week’s IT security stories to watch? Share your thoughts about this story in the Comments section below, via Twitter @dkobialka or email me at [email protected].