Security News > 2022 > June

Gartner reveals 8 cybersecurity predictions for the next 4 years. As part of Gartner's Security & Risk Management Summit wrapping up today in Sydney, analysts from the company have unveiled eight predictions from within the cybersecurity sphere from 2022 to 2026.

Zero trust lets you limit access on an as-needed basis, and with the promise of greater protection, it is on the radar for many organizations. A report released Tuesday by security provider Banyan Security looks at the attitudes and intentions toward zero trust by IT and security professionals.

Cybersecurity researchers have discovered a new campaign attributed to the Chinese "Tropic Trooper" hacking group, which employs a novel loader called Nimbda and a new variant of the Yahoyah trojan. The trojan is bundled in a greyware tool named 'SMS Bomber,' which is used for denial of service attacks against phones, flooding them with messages.

Air raid sirens sounded for over an hour in parts of Jerusalem and southern Israel on Sunday evening - but bombs never fell, leading some to blame Iran for compromising the alarms. While the perpetrator remains unclear, Israel's National Cyber Directorate did say in a tweet that it suspected a cyberattack because the air raid sirens activated were municipality-owned public address systems, not Israel Defense Force alarms as originally believed.

Microsoft said today that Russian intelligence agencies have stepped up cyberattacks against governments of countries that have allied themselves with Ukraine after Russia's invasion. Since the start of the war, threat actors linked to several Russian intelligence services have attempted to breach entities in dozens of countries worldwide, prioritizing governments, according to Microsoft Threat Intelligence Center analysts.

Brave Search, the browser developer's privacy-centric Internet search engine, is celebrating its first anniversary after surpassing 2.5 billion queries and seeing almost 5,000% growth in a year. To celebrate this success, Brave Software announced that Brave Search is finally exiting its beta phase and will become the default search engine for all users of the Brave browser.

MEGA has released a security update to address a set of severe vulnerabilities that could have exposed user data, even if the data had been stored in encrypted form. One of MEGA's advertised features is that data is end-to-end encrypted, with only the user having access to the decryption key.

Email phishing campaigns are regularly hitting organizations in the U.S., but voicemail phishing is less common. Once the user has entered the correct captcha information, they are shown the final content, which is an Office 365 phishing page.

The finding is part of a study [PDF] conducted by IT security researchers at Trail of Bits and commissioned by the Defense Advanced Research Projects Agency that points to several ways in which the immutability of blockchain - the distributed ledger on which Bitcoin and other cryptocurrencies rely - can be called into question. "Of Bitcoin's nodes, 21 percent were running an old version of the Bitcoin Core client that is known to be vulnerable in June of 2021," the study said.

Microsoft says support for Windows Subsystem for Linux distros can now be added to any machine running Windows Server 2022 by installing this month's Patch Tuesday updates. "You can now use Windows Subsystem for Linux 2 type distros on Windows Server 2022," Loewen said.