Security News > 2021

Cryptomining Attack Exploits Docker API Misconfiguration Since 2019
2021-12-29 14:26

The attack technique is script-based and dubbed "Autom" because it exploits the file "Autom.sh". Attackers have consistently abused the API misconfiguration during the campaign's active period; however, the evasion tactics have varied, allowing adversaries to fly under the radar, wrote Aquasec's research arm Team Nautilus in a report published Wednesday.

Microsoft Defender Log4j scanner triggers false positive alerts
2021-12-29 14:15

Microsoft Defender for Endpoint is currently showing "Sensor tampering" alerts linked to the company's newly deployed Microsoft 365 Defender scanner for Log4j processes. The alerts are reportedly mainly shown on Windows Server 2016 systems and warn of "Possible sensor tampering in memory was detected by Microsoft Defender for Endpoint" created by an OpenHandleCollector.

5 Cybersecurity Trends to Watch in 2022
2021-12-29 13:00

People are still gonna people in 2022 and they're still, largely, going to do the easiest thing, regardless of its impact to the organization's security posture. In addition to widely recommended user training, Wiacek suggested cybersecurity professionals change their internal communications approach in 2022.

Fintech firm hit by log4j hack refuses to pay $5 million ransom
2021-12-29 12:07

One of the largest Vietnamese crypto trading platforms, ONUS, recently suffered a cyber attack on its payment system running a vulnerable Log4j version. Threat actors approached ONUS to extort a $5 million sum and threatened to publish the customer data should ONUS refuse to comply.

When employees leave, is your data walking out the door?
2021-12-29 05:30

Data exfiltration often rises alongside resignations because more employees are misappropriating data and they're doing so around the time they resign. A Tessian study confirmed this, finding that 45 per cent of employees admit to downloading, saving or sending work data out of network before leaving their jobs.

Need to improve application security? Reduce friction between developers and security teams
2021-12-29 05:00

"The findings confirm our belief that security teams must make improving their relationship with developers a major priority in 2022," said Harshil Parikh, CEO of Tromzo. "They can do this by making security easy for developers. This means integrating security checks into the SDLC and transitioning from security gates to security guardrails so security can become a first-class citizen once and for all."

Most companies struggling to achieve observability despite investing in tools
2021-12-29 04:30

A new study showed that two-thirds of organizations are currently spending $100,000 or more annually on observability tools, with 38% spending $300,000 or more annually. Despite these investments, 75% of companies are still struggling to achieve true observability, according to LogDNA. While many organizations have four or more tools in their arsenal, they're often dissatisfied; in fact, more than half are unable to implement the tools they want because of vendor lock-in.

What is challenging cloud native policy management?
2021-12-29 04:00

Nirmata announced a report that features an analysis of the current cloud native policy management market adoption, including the technologies used and the challenges that organizations face. The survey highlights that nearly 50 percent of users in cloud native environments have adopted some level of policy management solution in their Kubernetes environment.

New Apache Log4j Update Released to Patch Newly Discovered Vulnerability
2021-12-28 21:00

The Apache Software Foundation on Tuesday rolled out fresh patches to contain an arbitrary code execution flaw in Log4j that could be abused by threat actors to run malicious code on affected systems, making it the fifth security shortcoming to be discovered in the tool in the span of a month. While Log4j versions 1.x are not affected, users are recommended to upgrade to Log4j 2.3.2, 2.12.4, or 2.17.1.

Log4j 2.17.1 out now, fixes new remote code execution bug
2021-12-28 20:12

Apache has released another Log4j version, 2.17.1, fixing a newly discovered remote code execution vulnerability in 2.17.0, tracked as CVE-2021-44832. Prior to today, 2.17.0 was the most recent version of Log4j and deemed the safest release to upgrade to, but that advice has now evolved.