Security News > 2022 > January

Another week, another crypto upstart admitting its lax security has been exploited and parties unknown have made off with millions. The crypto concern is Qubit Finance - an outfit that offers decentralized lending and borrowing and operates under the motto "Lend to ascend - Borrow for tomorrow."

Notably, on average, impacted organizations spent $15.4 million annually on overall insider threat remediation and took 85 days to contain each incident. The report reveals that over the last two years, the frequency and costs associated with insider threats have increased dramatically across all three insider threat categories, including: careless or negligent employees/contractors, criminal or malicious insiders, and cybercriminal credential theft.

According to an Identity Theft Resource Center report, the overall number of data compromises is up more than 68 percent compared to 2020. The new record number of data compromises is 23 percent over the previous all-time high set in 2017.

European manufacturing firms are embracing cloud-based technologies and services to accelerate their go-to-market plans and improve digital marketing efforts, according to an Information Services Group report. The report finds manufacturers on the continent also looking to the cloud to enable direct-to-consumer business models.

Investments in non-cloud infrastructure increased 7.3% year over year in 3Q21 to $14.6 billion, the third consecutive quarter to see an increase in year-over-year spend after a period of declining spending that started in 2Q19. Spending on shared cloud infrastructure reached $13 billion, an increase of 8.6% compared to 3Q20, and a 6.6% increase from the previous quarter. IDC expects to see continuously strong demand for shared cloud infrastructure with spending surpassing non-cloud infrastructure spending in 2022.

Apple last year fixed a new set of macOS vulnerabilities that exposed Safari browser to attack, potentially allowing malicious actors to access users' online accounts, microphone, and webcam. Security researcher Ryan Pickren, who discovered and reported the bugs to the iPhone maker, was compensated with a $100,500 bug bounty, underscoring the severity of the issues.

An Israeli national was sentenced to 97 months in prison in connection with operating the DeepDotWeb clearnet website, nearly a year after the individual pleaded guilty to the charges. He pleaded guilty to money laundering charges in March 2021 and agreed to forfeit the illegally amassed profits.

Microsoft this week revealed that it had fended off a record number of distributed denial-of-service attacks aimed at its customers in 2021, three of which surpassed 2.4 terabit per second. One of the DDoS attacks took place in November, targeting an unnamed Azure customer in Asia and lasted a total of 15 minutes.

A team of researchers from French, Israeli, and Australian universities has explored the possibility of using people's GPUs to create unique fingerprints and use them for persistent web tracking. The researchers considered the possibility of creating distinctive fingerprints based on the GPU of the tracked systems with the help of WebGL. WebGL is a cross-platform API for rendering 3D graphics in the browser, and it's present on all modern web browsers.

As revealed by the FTC, over 95,000 US consumers reported losses of roughly $770 million after getting scammed on social media platforms. "More than one in four people who reported losing money to fraud in 2021 said it started on social media with an ad, a post, or a message. In fact, the data suggest that social media was far more profitable to scammers in 2021 than any other method of reaching people." the FTC said.