Security News > 2021

An Amazon Echo owner was left shocked after Alexa proposed a dangerous challenge to her ten-year-old daughter. AI-powered virtual assistants like Alexa that power smart devices and speakers such as Echo, Echo Dot, and Amazon Tap, come with a plethora of capabilities.

This past year highlighted vulnerabilities and attack vectors that will drive trends and shape global expectations for security in 2022. The notoriously stoic cybersecurity culture is changing; in 2022, we'll see more organizations adapting to this shift, changing traditional titles such as "Security Manager" to "Security Culture Manager" to align with the arguably overdue need to recognize that the culture a security team brings to the overall business is equally as important to the protections brought to the business.

In 93% of cases, external attackers can breach the organization's network perimeter and gain access to local network resources, and it takes an average of two days to penetrate the company's internal network. During the assessment of protection against external attacks, Positive Technologies experts managed to breach the network perimeter in 93% of cases.

Satori shared its predictions for the near future of cloud-based transformation, detailing three major developments to watch for in the world of data governance and operational security over the course of 2022. With more data being moved to the cloud, new opportunities arise, as data can be easily connected with various cloud-based services, including BI, analytics and AI, ultimately delivering richer insights for data scientists, analysts and business users.

The global enterprise data loss prevention market is projected to grow at a CAGR of 21.03% to reach $6.265 billion by 2026, from $1.647 billion in 2019, according to ResearchAndMarkets. The increasing rate of data breaches along with other factors such as DLP as a service, DLP functionality extending into the cloud, and advanced threat protection against these data breaches are the major factors driving the enterprise data loss prevention market.

Cybersecurity researchers have offered a detailed glimpse into a system called DoubleFeature that's dedicated to logging the different stages of post-exploitation stemming from the deployment of DanderSpritz, a full-featured malware framework used by the Equation Group. DanderSpritz came to light on April 14, 2017, when a hacking group known as the Shadow Brokers leaked the exploit tool, among others, under a dispatch titled "Lost in Translation." Also included in the leaks was EternalBlue, a cyberattack exploit developed by the U.S. National Security Agency that enabled threat actors to carry out the NotPetya ransomware attack on unpatched Windows computers.

A number of security flaws have been uncovered in a networking component in Garrett Metal Detectors that could allow remote attackers to bypass authentication requirements, tamper with metal detector configurations, and even execute arbitrary code on the devices. "An attacker could manipulate this module to remotely monitor statistics on the metal detector, such as whether the alarm has been triggered or how many visitors have walked through," Cisco Talos noted in a disclosure publicized last week.

We have seen an increase in temerity of attacks by nation-states, such as the Russian attack on SolarWinds, and seen their attack tactics shift from targeted, stealthy operations into opportunistic hacks for potential future uses, such as the attacks attributed to Hafnium. Anytime complexity increases, it also increases the potential attack surface.

Sure, attackers could simply visit public profiles to target someone, but having so many records in one place could make it possible to automate targeted attacks using information about users' jobs and gender, among other details. Randori researchers said that if an attacker successfully exploits the weakness, they can gain a shell on the targeted system, access sensitive configuration data, extract credentials and more.

A lot of stuff has happened in the past year, especially in the tech world. The group behind the attacks is known as Nobelium, and it's just the latest in a string of government-sponsored attacks against IT infrastructure and companies in foreign countries.