Security News > 2022 > February

Platform9 announced the results of its research, revealing that 91% of survey respondents cite security, consistent management across environments, high availability, and observability as their top concerns for operating cloud-native technologies. The report, which surveyed over 500 technology executives and practitioners, details how enterprises are adopting cloud-native technologies, provides insight into 2022 technology investment priorities, and identifies top concerns to help business leaders and enterprises determine how best to navigate and accelerate their cloud-native initiatives for the rest of the year.

Remotely announced the results of a survey that details the degree to which enterprises have been left vulnerable to disruption in the wake of the rush to remote work by millions of employees during the Covid pandemic. Asked, "What are the biggest challenges you face as a remote IT team in keeping users safe and productive?" almost 33 percent of respondents said, "Keeping users secure, daily." That's because 67.49 percent said they're mired in the minutiae of provisioning services and apps, managing user identities, wrangling employees who have ignored best IT practices, and helping onboard new employees while trying to navigate the biggest and fastest physical workplace shift in decades.

Defined in the survey as when a company has over 50% of its network rollout, operations and life cycle management delivered by a third party on a subscription basis, NaaS is a concept that 86% of EMEA companies are currently discussing in some capacity. When asked about the reasons behind this interest, financial efficiency emerged as one of the main anticipated benefits, with 76% of respondents expecting NaaS to help reduce operational costs, and 60% thinking it could enable a shift from CapEx to OpEx.

Interest in specific topics within cybersecurity grew significantly. Between last year's high-profile incidents involving ransomware, supply chain attacks, the exploitation of critical systems vulnerabilities and the new focus on cryptocurrency theft, it's likely that interest in cybersecurity topics will continue to climb in 2022 and beyond.

The global automotive cybersecurity market size is projected to grow from $2 billion in 2021 to $5.3 billion by 2026, at a CAGR of 21.3%, according to MarketsandMarkets. Passenger vehicle segment to dominate the global automotive cybersecurity market.

We hear about the need for better visibility in the cybersecurity space - detecting threats earlier and more accurately. A new solution overview document provides insights on how XDR provider Cynet tackles the difficult problem of greatly improving threat visibility.

Use a burner phone if you're traveling to the Olympics, the FBI warned on Tuesday, lest you come home with a nasty case of malware and/or snatched personal data. The FBI didn't mention specific threats, per se, but its alert warned those traveling to the February 2022 Beijing Winter Olympics and March 2022 Paralympics that we've seen this all before with the Olympics, where "Malicious cyber actors could use a broad range of cyber activities to disrupt these events."

As many as 23 new high severity security vulnerabilities have been disclosed in different implementations of Unified Extensible Firmware Interface firmware used by numerous vendors, including Bull Atos, Fujitsu, HP, Juniper Networks, Lenovo, among others. The vulnerabilities reside in Insyde Software's InsydeH2O UEFI firmware, according to enterprise firmware security company Binarly, with a majority of the anomalies diagnosed in the System Management Mode.

Scammers are trying to steal job seekers' money and personal information through phishing campaigns using fake advertisements posted on recruitment platforms. "The FBI warns that malicious actors or 'scammers' continue to exploit security weaknesses on job recruitment websites to post fraudulent job postings in order to trick applicants into providing personal information or money," the FBI says.

A new phishing campaign is using specially crafted CSV text files to infect users' devices with the BazarBackdoor malware. A comma-separated values file is a text file containing lines of text with columns of data separated by commas.