Security News > 2022 > October

In this Help Net Security video, Shay Levi, CTO at Noname Security, discusses the findings from a recent API security report, which reveals a growing number of API security incidents, a concerning lack of API visibility, and a level of misplaced confidence in existing controls. 76% of senior security professionals experienced an API security incident in the last year.

China appears to have upgraded its Great Firewall, the instrument of pervasive real-time censorship it uses to ensure that ideas its government doesn't like don't reach China's citizens. Great Firewall Report, an organization that monitors and reports on China's censorship efforts, has this week posted a pair of assessments indicating a crackdown on TLS encryption-based tools used to evade the Firewall.

Recently, Eileen Walther, Northwave's Country Manager for Germany and specialized in information security, was elected the new Vice President of the Cyber Security Council Germany. In this interview with Help Net Security, Walther talks about Germany's cybersecurity future, working on information security strategy, and more.

OpenText announced the Nastiest Malware of 2022, a ranking of the year's biggest cyber threats. For the fifth year running, experts combed through the data, analysed different behaviours, and determined which malicious payloads are the nastiest.

Does your organization spend countless resources hardening operating systems in the cloud? That's why CIS pre-hardens virtual machine images to CIS Benchmark standards. See how these CIS Hardened Images work by trying one in your cloud environment.

Joe Sullivan, Uber's former chief security officer, has been found guilty of illegally covering up the theft of Uber drivers and customers' personal information. Sullivan, previously a cybercrime prosecutor for the US Department of Justice, was charged two years ago with obstruction of justice and misprision - concealing a felony from law enforcement.

An ex-Canadian government worker who extorted tens of millions of dollars from organizations worldwide using the NetWalker ransomware has been sent down for 20 years. NetWalker ransomware affiliates - losers who rent the malware to use against victims - specifically attacked hospitals during the height of the COVID-19 pandemic, using the global crisis to extort healthcare organizations.

The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency in a public service announcement says that cyber activity attempting to compromise election infrastructure is unlikely to cause a massive disruption or prevent voting. "As of the date of this report, the FBI and CISA have no reporting to suggest cyber activity has ever prevented a registered voter from casting a ballot, compromised the integrity of any ballots cast, or affected the accuracy of voter registration information," PSA from the FBI and CISA. "Any attempts tracked by FBI and CISA have remained localized and were blocked or successfully mitigated with minimal or no disruption to election processes," the two agencies says in the report.

The BlackByte ransomware gang is using a new technique that researchers are calling "Bring Your Own Driver," which enables bypassing protections by disabling more than 1,000 drivers used by various security solutions. Exploiting the security issue allowed BlackByte to disable drivers that prevent multiple endpoint detection and response and antivirus products from operating normally.

Microsoft is investigating user reports of issues with Remote Desktop on Windows 11 systems after installing the Windows 11 2022 Update. Installing the Windows 11 22H2 feature update will cause Remote Desktop clients not to connect, randomly disconnect, or freeze unexpectedly.