Security News > 2022 > October

Security operations teams are spending their days looking for known vulnerabilities and watching for new threats. Once compiled, SecOps can begin to assess security gaps and risks to those operations and combine that with their knowledge of adversaries targeting their company or industry.

In this Help Net Security video, Dmitry Bestuzhev, Most Distinguished Threat Researcher at BlackBerry, talks about some of the most interesting tactics, techniques, and procedures employed by...

The 2022 SonicWall Threat Mindset Survey found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware. In this Help Net Security video, Immanuel Chavoya, Threat Detection Expert at SonicWall, talks about the key survey findings.

54% of office workers would reconsider working for a company that had recently experienced a cyber breach, according to a study by Encore. An independent study of 100 C-level executives, 100 chief information security officers and 500 office workers in the US and the UK, conducted by Censuswide, sought to uncover the gap that remains between boards and security teams when it comes to addressing cyber demands.

The White House is adding the chemical sector to a program launched last year to improve cybersecurity capabilities within America's critical infrastructure industries. Jen Easterly, director of Homeland Security's Cybersecurity and Infrastructure Security Agency, suggested at a CISA-hosted Chemical Security Summit in August that the chemical industry was next up for the program.

Apple has released new security updates to backport patches released earlier this week to older iPhones and iPads, addressing an actively exploited zero-day bug. Apple addressed the zero-day vulnerability in iOS 15.7.1 and iPadOS 15.7.1 today with improved bounds checking.

Microsoft says a threat group tracked as DEV-0950 used Clop ransomware to encrypt the network of a victim previously infected with the Raspberry Robin worm. "Beginning on September 19, 2022, Microsoft identified Raspberry Robin worm infections deploying IcedID and-later at other victims-Bumblebee and TrueBot payloads," Microsoft Security Threat Intelligence analysts said.

The French regulator's objection, which was echoed last year by at least the UK and the Australian regulator as well, is: "We consider this unlawful in our country. You can't go scraping people's images for this commercial purpose without their consent. And you're also not complying with GDPR rules, data destruction rules, making it easy for them to contact you and say, 'I want to opt out'." In the same way that Bletchley Park in the UK secretly employed more than 10,000 people I didn't realise this, but it turned out that there were well over 10,000 women recruited into cryptology, into cryptographic cracking, in the US to try and deal with Japanese ciphers during the war.

Australian Clinical Labs has disclosed a February 2022 data breach that impacted its Medlab Pathology business, exposing the medical records and other sensitive information of 223,000 people. While the firm says it's not aware of any misuse of the stolen information, it is notifying all impacted clients individually of what data was exposed in the attack.

SonicWall Capture Labs threat researchers recorded 2.8 billion malware hits, in the first half of 2022. Except for June, the global malware detection has been higher in 2022 when compared to 2021.