Security News > 2022 > November

Zero-days are bugs for which there were zero days you could have updated proactively. Because cybercriminals not only found the bug first, but also figured out how to exploit it for nefarious purposes before a patch was prepared and published.

Hackers are capitalizing on a trending TikTok challenge named 'Invisible Challenge' to install malware on thousands of devices and steal their passwords, Discord accounts, and, potentially, cryptocurrency wallets. A new and trending TikTok challenge requires you to film yourself naked while using TikTok's "Invisible Body" filter, which removes the body from the video and replaces it with a blurry background.

50% off the Malwarebytes Premium + Malwarebytes Privacy VPN bundle, discounted from $79.99 to $39.99. 25% off Malwarebytes for Teams, discounted from $49.99 to $37.49.

Updates to Windows Server released as part of this month's Patch Tuesday onslaught might cause some domain controllers to stop working or automatically restart, according to Microsoft. The enterprise software behemoth said organizations installing KB5019966 or later updates on domain controllers could see a memory leak with the Local Security Authority Subsystem Service.

Researchers at University of Guelph in Ontario, Canada, recovered logs from laptops after receiving overnight repairs from 12 commercial shops. The logs showed that technicians from six of the locations had accessed personal data and that two of those shops also copied data onto a personal device.

While some AWS partners chose to hold back on their announcements and statements ahead of AWS re:Invent 2022 - presumably in an attempt to vie for share of voice during the event - a handful were vocal in the run-up to this year's show, staged in Las Vegas between Nov. 28 and Dec. 2. How to connect to AWS. Data platform company Redis signed a tighter AWS deal this month to put its Redis Enterprise Cloud real-time data processing capabilities more closely within the global reach of AWS services.

Meta has been fined €265 million by the Irish data protection commission for a massive 2021 Facebook data leak exposing the information of hundreds of million users worldwide. Facebook at the time said threat actors collected the data by exploiting a flaw in its "Contact Importer" tool to associate phone numbers with a Facebook ID and then scraping the rest of the information to build a profile for the user.

Cyber Monday is here, and great deals are live in computer security, software, online courses, system admin services, antivirus, and VPN software. ProtonVPN has a Cyber Monday sale where you can get up to 50% off, depending on the length of the subscription.

The United States government, through the Federal Communications Commission, has banned the sale of equipment from Chinese telecommunications and video surveillance vendor Huawei, ZTE, Hytera, Hikvision, and Dahua due "Unacceptable risks to national security". "The Federal Communications Commission adopted new rules prohibiting communications equipment deemed to pose an unacceptable risk to national security from being authorized for importation or sale in the United States," reads the press release from the FCC. "These new rules are an important part of our ongoing actions to protect the American people from national security threats involving telecommunications," commented Chairwoman J. Rosenworcel.

What if you could add to the fun by taking part in an entertaining free holiday-themed cyber security event that both builds your skills and gives you the chance of adding a stellar prize to the pile of gifts under your tree? That's what's on offer with the 2022 SANS Holiday Hack Challenge, billed as the most festive virtual cyber security event of the year.