Security News > 2022 > June

In 2021, the demand for data privacy jobs soared with no indication of slowing down and stemming from the proliferation of new government regulations and cloud migration. In this video for Help Net Security, Stephen Cavey, Chief Evangelist at Ground Labs, talks about how businesses and job seekers are not only prioritizing data privacy but using it as a competitive advantage in this rivalrous landscape.

Searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus. In this video for Help Net Security, Ravi Srinivasan, CEO of Votiro, talks about his experiences during RSA Conference 2022.

The report also shows that EMEA continues to be a hotspot for malware threats. Overall regional detections of basic and evasive malware show WatchGuard Fireboxes in EMEA were hit harder than those in North, Central and South America at 57% and 22%, respectively, followed by Asia-Pacific at 21%. "Based on the early spike in ransomware this year and data from previous quarters, we predict 2022 will break our record for annual ransomware detections," said Corey Nachreiner, chief security officer at WatchGuard.

The new head of Israel's National Cyber Directorate has announced the nation intends to build a "Cyber-Dome" - a national defense system to fend off digital attacks. Gaby Portnoy, director general of INCD, revealed plans for Cyber-Dome on Tuesday, delivering his first public speech since his appointment to the role in February.

The US government is pushing federal agencies and private corporations to adopt the Modern Authentication method in Exchange Online before Microsoft starts shutting down Basic Authentication from the first day of October. "Federal agencies should determine their use of Basic Auth and migrate users and applications to Modern Auth," CISA wrote.

Cybersecurity researchers have documented a new information-stealing malware that targets YouTube content creators by plundering their authentication cookies. "What sets YTStealer aside from other stealers sold on the dark web market is that it is solely focused on harvesting credentials for one single service instead of grabbing everything it can get ahold of," security researcher Joakim Kenndy said in a report shared with The Hacker News.

Cybersecurity researchers from Palo Alto Networks Unit 42 disclosed details of a new security flaw affecting Microsoft's Service Fabric that could be exploited to obtain elevated permissions and seize control of all nodes in a cluster. Azure Service Fabric is Microsoft's platform-as-a-service and a container orchestrator solution used to build and deploy microservices-based cloud applications across a cluster of machines.

American retailer Walmart has denied being hit with a ransomware attack by the Yanluowang gang after the hackers claimed to encrypt thousands of computers. "We believe this claim is inaccurate and are not aware of a successful attack in this regard on our devices," a Walmart spokesperson told BleepingComputer.

Theoretically, with exposed tokens, an attacker could've accessed users' personal data from a number of different Amazon apps - not just Photos but also, for example, Amazon Drive. To authenticate users across various apps within their ecosystem, like other software suite vendors, Amazon uses access tokens.

A former Canadian government employee has pleaded guilty in a US court to several charges related to his involvement with the NetWalker ransomware gang. He will also forfeit $21.5 million and 21 laptops, mobile phones, gaming consoles, and other devices, according to his plea agreement [PDF], which described Vachon-Desjardins as "One of the most prolific NetWalker Ransomware affiliates" responsible for extorting said millions of dollars from dozens of companies worldwide.