Security News > 2022 > January

There's no single method or strategy that guarantees an organization will not become a victim, but there are best practices organizations can take to achieve greater cyber resiliency. Educate: Though cyber criminals are finding new and creative ways to get into data centers.

Nation states will ramp up mobile cyber attacks; hyperscalers will mimic Google and introduce powerful proprietary encryption protocols; and new edge clouds could make the last mile vulnerable. Mobile industry trends in 2022: State-sponsored cyber attacks accelerate and evolve.

Microsoft has released the optional KB5008353 Preview cumulative update for Windows 11 with 39 fixes or improvements. This Windows 11 cumulative update is part of Microsoft's January 2022 monthly "C" update, allowing users to test upcoming fixes in the February 2022 Patch Tuesday.

The global DDoS protection and mitigation market size is expected to grow from $3.3 billion in 2021 to $6.7 billion by 2026, at a Compound Annual Growth Rate of 15.1% from 2021 to 2026, according to ResearchAndMarkets. The major factors fueling the DDoS protection and mitigation market include growing demand for sophisticated security solutions, evolving regulatory landscape, and growing volumes of business data across industries.

Microsoft has released the optional KB5009596 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2. This update includes fixes for reboots on domain controllers, L2TP VPN connection issues, and 25 other fixes or improvements. The KB5009596 cumulative update preview is part of Microsoft's January 2022 monthly "C" update, allowing admins to test upcoming fixes being released in the February 2022 Patch Tuesday.

Linux vendors on Tuesday issued patches for a memory corruption vulnerability in a component called polkit that allows an unprivileged logged-in user to gain full root access on a system in its default configuration. Security vendor Qualys found the flaw and published details in a coordinated disclosure.

A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software. BleepingComputer is aware of at least fifteen victims of the new DeadBolt ransomware attack, with no specific region being targeted.

Social engineering campaigns involving the deployment of the Emotet malware botnet have been observed using "unconventional" IP address formats for the first time in a bid to sidestep detection by security solutions. The infection chains, as with previous Emotet-related attacks, aim to trick users into enabling document macros and automate malware execution.

The cybercrime operators behind the notorious TrickBot malware have once again upped the ante, fine-tuning its techniques by adding multiple layers of defense to slip past antimalware products. TrickBot has proven to be impervious to takedown attempts, with the operators quickly adjusting their techniques to propagate multi-stage malware through phishing and malspam attacks, and expanding their distribution channels by partnering with other affiliates like Shathak to increase scale and drive profits.

VMware urges customers to patch critical Log4j security vulnerabilities impacting Internet-exposed VMware Horizon servers targeted in ongoing attacks. Microsoft also warned two weeks ago of a Chinese-speaking threat actor tracked as DEV-0401 who deploys Night Sky ransomware on Internet-exposed VMware Horizon servers using Log4Shell exploits.