Security News > 2022 > May

The researchers attributed the campaign, with "moderate-to-high confidence," to the Winnti group. Winnti is "an exceptionally capable adversary" that is "believed to be operating on behalf of Chinese state interests and specializes in cyberespionage and intellectual property theft."

The Federal Bureau of Investigation said today that the amount of money lost to business email compromise scams continues to grow each year, with a 65% increase in the identified global exposed losses between July 2019 and December 2021. Victims reported losses of almost $2.4 billion in 2021, based on 19,954 recorded complaints linked to BEC attacks targeting individuals and businesses.

Security and compliance rank as the top challenges for deploying cloud-native apps. Tigera's State of Cloud-Native Security report is based on a survey of 304 security and IT professionals from around the world.

The Chinese hacking group known as 'Winnti' has been stealthily stealing intellectual property assets like patents, copyrights, trademarks, and other corporate data - all while remaining undetected by researchers and targets since 2019. Winnti establishes persistence via an encoded WebShell, by abusing the WinRM protocol for remote access, the IKEEXT and PrintNotify Windows services for DLL side-loading, or by loading a signed kernel rootkit.

Efforts by Salesforce-owned cloud platform Heroku to manage a recent security incident are turning into a bit of a disaster, according to some users. The most recent status update from just prior to midnight UTC on 3 May read: "A subset of Heroku customers will receive email notifications directly from Salesforce Incident Alerts regarding our continuous efforts to enhance security."

Phishers are taking advantage of Gmail's SMTP relay service to impersonate brands. Cloud email security company Avanan recently found that phishers have been exploiting Gmail's SMTP relay service since at least April.

GitHub announced today that all users who contribute code on its platform will be required to enable two-factor authentication on their accounts by the end of 2023. Active contributors who will have to enable 2FA include but are not limited to GitHub users who commit code, use Actions, open or merge pull requests, or publish packages.

Mozilla privacy survey finds mental health and prayer apps fail privacy test pretty spectacularly. Apps with the most sensitive data seem to be the worst at protecting user privacy, according to a review by Mozilla's Privacy Not Included team.

Auth0 vs JumpCloud: Compare identity and access management software. Two of the most popular contenders include Auth0 and JumpCloud.

Microsoft has warned Windows 11 users that they might experience issues launching and using some. Affected apps use optional components such as Windows Workflow and Windows Communication Foundation.