Security News > 2022 > January

Microsoft has fixed a known issue causing search issues for Outlook users after installing Windows 10 security updates released since November 2021. While a fix for the Outlook search issue is already rolling out to all impacted Windows 10 devices, Microsoft says it's still "Working on a resolution and will provide an update in an upcoming release" for affected Windows 11 systems.

Microsoft has fixed a known issue causing search issues for Outlook users after installing Windows 10 security updates released since November 2021. While a fix for the Outlook search issue is already rolling out to all impacted Windows 10 devices, Microsoft says it's still "Working on a resolution and will provide an update in an upcoming release" for affected Windows 11 systems.

Crypto.com has confirmed that a multi-million dollar cyber attack led to the compromise of around 400 of its customer accounts. Crypto.com CEO: 400 customer accounts hit.

Crypto.com has confirmed that a multi-million dollar cyber attack led to the compromise of around 400 of its customer accounts.Crypto.com CEO: 400 customer accounts hit.

Humanitarian organization the International Red Cross disclosed this week that it has fallen foul of a cyberattack that saw the data of over 515,000 "Highly vulnerable people" exposed to an unknown entity. The target of the attack was the organisation's Restoring Family Links operation, which strives to find missing persons and reunite those separated from their families due to armed conflict, migration, disaster, detention and other catastrophic events.

Another CISO walks into a board meeting and muddles through stats showing their compliance status. In the classic risk management equation of Risk = Threat x Vulnerability, I have no control over the threat actor's motivation, skill, or resources.

Newly combined security outfits McAfee and FireEye have revealed a new name: "Trellix". Readers may find the name familiar, as another tech company used the same name in the 1990s and early 2000s when it offered intranet and web published tools such as Trellix Web.

As networks continue to evolve and security threats get more complex, security analytics plays an increasingly critical role in securing the enterprise. By combining software, algorithms and analytic processes, security analytics helps IT and security teams proactively detect threats before they result in data loss or other harmful outcomes.

The proven approach in the market today is with digital certificates, which leverage PKI. In fact, some of the best authentication mechanisms leverage digital certificates at their core. In this case, when leveraging digital certificates as a baseline for human and machine identities, digital certificates must be provisioned to users and devices, and ultimately, orchestrated and automated.

A widespread phishing operation targeting Southeast Asia's second-largest bank - Oversea-Chinese Banking Corporation - has prompted the Monetary Authority of Singapore to introduce regulations for internet banking that include use of an SMS Sender ID registry. Singapore banks have two weeks to remove clickable links in text messages or e-mails sent to retail customers.