Security News > 2022 > April

Over 42 million people in the UK had financial data compromised. According to a release from international law firm RPC, the financial information belonging to approximately 42.2 million people in the U.K. was surrendered due to a growing number of ransomware attacks.

It's important to understand that passwords are not passports. Using biometrics, which is a great security advancement, is not the same as identity, says Leonard Navarro, VP of Business Development at Nametag.

The war in Ukraine is in the second month of bloodshed and the broader impact of the conflict is being felt across the globe, as markets react to increased fuel prices and the consequences of Russia's growing political and economic isolation. The modus operandi of NATO leaders has been to contribute military and humanitarian aid to the Ukrainian government, while remaining below the threshold of direct engagement with Russia - a situation where the possibility of an escalation towards nuclear confrontation is evident in both the Kremlin's rhetoric and Russian doctrinal support for the use of nuclear munitions to end conventional conflict.

How important is the role of the CCO in this process? Conversely when a CCO has a vision and strategy - that is then implemented and automated - they are then seen to be the biggest champion for revenue enabling run rate business rather than stifling it.

The European Union Agency for Cybersecurity publishes a map of national coordinated vulnerability disclosure policies in the EU Member States and makes recommendations. Vulnerability disclosure has become the focus of attention of cybersecurity experts engaged in strengthening the cybersecurity resilience of the European Union.

From an operational risk/maintenance perspective, 85% of the 2,097 codebases contained open source that was more than four years out-of-date. Assessed codebases show open source vulnerabilities are decreasing overall.

According to the results of a Pulse survey conducted by Citrix Systems, nearly 75 percent of 300 IT and security leaders across North America, EMEA, and APAC say DaaS is a key enabler of secure work within their organization, and more than 50 percent have or plan to implement it in the year ahead. "Three years ago, IT organizations around the world were forced to enable remote work with unprecedented scale and speed, and they invested heavily in VPN and other basic remote access tools to do it," said Tim Minahan, EVP of Business Strategy, Citrix. "It got them through, but many are beginning to realize there is a better way forward and are building a more modern approach to support the flexible models that will drive the future of work using DaaS as the foundation."

In The State of Pentesting 2022 Report, Cobalt studied data from 2,380 pentests and surveyed 602 cybersecurity and software development professionals. The report focuses on issues and stats relevant to both the security and development teams.

The U.S. Cybersecurity and Infrastructure Security Agency, along with the Federal Bureau of Investigation and the Treasury Department, warned of a new set of ongoing cyber attacks carried out by the Lazarus Group targeting blockchain companies. Targeted organizations include cryptocurrency exchanges, decentralized finance protocols, play-to-earn cryptocurrency video games, cryptocurrency trading companies, venture capital funds investing in cryptocurrency, and individual holders of large amounts of cryptocurrency or valuable non-fungible tokens.

Cybersecurity researchers have disclosed a new version of the SolarMarker malware that packs in new improvements with the goal of updating its defense evasion abilities and staying under the radar. "This campaign is still in development and going back to using executables files as it did in its earlier versions."