Security News > 2022 > April > Week in review: Disrupted Cyclops Blink botnet, public software apps at risk, Patch Tuesday forecast

Log4Shell exploitation: Which applications may be targeted next?Spring4Shell has dominated the information security news these last six days, but Log4Shell continues to demand attention and action from enterprise defenders as diverse vulnerable applications are being targeted in attacks in the wild.
Security flaws found in 82% of public sector software applicationsVeracode has released new findings that show the public sector has the highest proportion of security flaws in its applications and maintains some of the lowest and slowest fix rates compared to other industry sectors.
Hybrid threat model: Watch out for the unhappy employeeIn this interview with Help Net Security, James Turgal, VP of Cyber Risk, Strategy and Board Relations at Optiv Security, talks about the hybrid threat model, a new approach that leverages social media to launch cyberattacks on organizations.
The importance of understanding cloud native security risksIn this video for Help Net Security, Paul Calatayud, CISO at Aqua Security, talks about cloud native security and the problem with the lack of understanding of risks to this environment.
What you need to look out for when installing packages from public repositoriesIn this Help Net Security video, Ax Sharma, Senior Security Researcher at Sonatype, talks about the risks posed by malicious open source packages.
New infosec products of the week: April 8, 2022Here's a look at the most interesting products from the past week, featuring releases from ColorTokens, Forescout, Fortinet, IBM, Imperva, Keysight Technologies, and Orca Security.
News URL
Related news
- March 2025 Patch Tuesday forecast: A return to normalcy (source)
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- Week in review: Probing activity on Palo Alto Networks GlobalProtect portals, Patch Tuesday forecast (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- April's Patch Tuesday leaves unlucky Windows Hello users unable to login (source)