Security News > 2021 > December > Week in review: Log4j new vulnerabilities, Microsoft patch bypass, 2022 e-commerce threat trends

The Log4j saga: New vulnerabilities and attack vectors discoveredThe Apache Log4j saga continues, as several new vulnerabilities have been discovered in the popular library since Log4Shell was fixed by releasing Log4j v2.15.0.

Cyber insurance trends: Insurers and insurees must adapt equally to growing threatsIn this interview with Help Net Security, Avi Bashan, CTO at Kovrr, talks about cyber insurance trends and how the growing threat landscape impacted both insurers and insurees.

CTO of Security at Salesforce talks e-commerce cybersecurity threat trends for 2022In this interview with Help Net Security, Dr. Taher Elgamal, cryptographer, infosec leader and currently the CTO of Security at Salesforce, talks about the obstacles retailers' need to overcome to increase their cybersecurity posture and his expectations for the threat landscape in 2022.

Cybersecurity budgets surge, as skills gap wreaks havoc on 2022 plansAs enterprises plan and set budgets for the new year ahead, the vast majority are expecting to channel more dollars toward enhancing their cybersecurity efforts.

Attackers bypass Microsoft patch to deliver Formbook malwareSophos Labs researchers have detected the use of a novel exploit able to bypass a patch for a critical vulnerability affecting the Microsoft Office file format.

According to the Identify Theft Resource Center, the total number of data breaches through September 2021 has already exceeded 2020 numbers by 17%. PCI SSC updates its device security standard for HSMsThe PCI SSC published the latest version of its device security standard for Hardware Security Modules.

News URL

https://www.helpnetsecurity.com/2021/12/26/week-in-review-log4j-new-vulnerabilities-microsoft-patch-bypass-2022-e-commerce-threat-trends/