Security News > 2021 > December > Week in review: Log4Shell updates, Kronos ransomware attack, unused identities threat
The Log4j JNDI attack and how to prevent itThe disclosure of the critical Log4Shell vulnerability and the release of first one and than additional PoC exploits has been an unwelcome surprise for the entire information security community, but most of all those who are tasked with keeping enterprise systems and network secure.
Ransomware hits HR solutions provider Kronos, locking customers out of vital servicesThe end of the year chaos caused by the revelation of the Log4Shell vulnerability has, for some organizations, been augmented by a ransomware attack on Ultimate Kronos Group, one of the biggest HR and workforce management solutions providers in the US. Microsoft patches spoofing vulnerability exploited by EmotetMicrosoft has delivered fixes for 67 vulnerabilities, including a spoofing vulnerability actively exploited to deliver Emotet/Trickbot/Bazaloader malware family.
Modern cars: A growing bundle of security vulnerabilitiesIn this interview with Help Net Security, Laura Hoffner, Chief of Staff at Concentric, talks about modern car vulnerabilities, the techniques hackers are using to compromise connected vehicles and how to protect users.
Leveraging AIOps for a holistic view of network performance and securityIn this interview with Help Net Security, Terry Traina, CTO at Masergy, talks about the benefits of leveraging AIOps and how it can help thwart growing security threats.
Unused identities: A growing security threatAccording to our internal research, 6% of user accounts within an organization are inactive.
How to implement security into software design from the get-goSoftware professionals know that the working relationship between developers and security teams can be complicated.
News URL
Related news
- BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks (source)
- JetBrains is still mad at Rapid7 for the ransomware attacks on its customers (source)
- Stanford: Data of 27,000 people stolen in September ransomware attack (source)
- Nissan confirms ransomware attack exposed data of 100,000 people (source)
- TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks (source)
- What the Latest Ransomware Attacks Teach About Defending Networks (source)
- Lessons from a Ransomware Attack against the British Library (source)
- Jackson County in state of emergency after ransomware attack (source)
- Asia-Pacific Ransomware Threats Depend on Country and Sector, Says Rapid7 (source)
- Panera Bread week-long IT outage caused by ransomware attack (source)