Security News > 2022 > January

Understandably, security teams are recalibrating and sorting out where more security investments are needed in the new year. The software development community is responding to these developments and recognizes that approaching security as an afterthought encourages attacks and their resulting damages.

In this interview with Help Net Security, Sophie Stalla-Bourdillon, Senior Privacy Counsel and Legal Engineer at Immuta, talks about data privacy, what organizations can a must do to keep data secure, and explains the technologies that can help optimize data protection processes. According to the Immuta State of Data Engineering Survey, organizations are increasingly adopting multiple cloud technologies to keep up with the scale, speed, and use cases required by modern data teams.

While 95% of tech leaders worldwide say moving their legacy application data to the cloud is a priority, and 80.5% want to do it within the next 12 months, only 35% of tech leaders currently store more than half their legacy data in the cloud. Given the increased availability of cloud infrastructures over the past decade, these numbers suggest that many organizations continue to have serious concerns about cloud deployments, and are still approaching the issue of cloud migration very cautiously.

Not to mention the fact that often the SaaS app owner sits outside of the security team in the department that most uses the app, and they are untrained and not focused on the security upkeep of the app. That's why Gartner named SaaS Security Posture Management as a MUST HAVE solution to continuously assess security risks and manage the SaaS applications' security posture in the "4 Must-Have Technologies That Made the Gartner Hype Cycle for Cloud Security, 2021".

56% of businesses experienced more supply chain disruptions in 2021 than 2020, a Hubs report reveals. It is increasingly clear that while certain risks are hard to anticipate and difficult to plan for, it is possible to mitigate the effects of supply chain disruptions by establishing a robust and agile supply chain.

Here, Hikvision would like to share some ideas and expectations about key trends that will likely affect the security industry in 2022 and perhaps even further into the future. With more security cameras and other security devices being connected to the network, the security industry is becoming an important part of an IoT world, enriching its visual capabilities.

Cybersecurity teams from Microsoft on Saturday disclosed they identified evidence of a new destructive malware operation targeting government, non-profit, and information technology entities in Ukraine amid brewing geopolitical tensions between the country and Russia. "The malware is disguised as ransomware but, if activated by the attacker, would render the infected computer system inoperable," Tom Burt, corporate vice president of customer security and trust at Microsoft, said, adding the intrusions were aimed at government agencies that provide critical executive branch or emergency response functions.

Amid the COVID-19 crisis, the global market for network security sandbox estimated at $4 billion in the year 2020, is projected to reach a revised size of $43 billion by 2027, growing at a CAGR of 40.2% over the period 2020-2027, according to ResearchAndMarkets. One of the segments analyzed in the report, is projected to record 38.4% CAGR and reach $24 billion by the end of the analysis period.

The coordinated cyberattacks targeting Ukrainian government websites and the deployment of a data-wiper malware called WhisperGate on select government systems are part of a broader wave of malicious activities aimed at sabotaging critical infrastructure in the country. "The attack used vulnerabilities in the site's content management systems and Log4j, as well as compromised accounts of employees of the development company," the SSU said, corroborating prior disclosure from the Ukraine CERT team.

Microsoft has released an emergency out-of-band update for Windows Server 2019 that fixes numerous critical bugs introduced during the January 2022 Patch Tuesday. Soon after Windows Server admins installed the January 2022 updates, they began reporting severe issues, including domain controllers entering into boot loops, Hyper-V no longer starting, L2TP VPN connections failing, and ReFS volumes becoming inaccessible.