Security News > 2022

The UK's Competition and Markets Authority has invited comments from industry and interested parties about NortonLifeLock's proposed $8bn purchase of fellow infosec outfit Avast. "The CMA is considering whether it is or may be the case that this transaction, if carried into effect, will result in the creation of a relevant merger situation under the merger provisions of the Enterprise Act 2002," it said.

Attackers looking to exploit recently discovered Log4j vulnerabilities are also trying to take advantage of a previously undisclosed vulnerability in the SolarWinds Serv-U software. It affects version 15.2.5 and previous versions of Serv-U, and has been patched by SolarWinds in version 15.3.

Microsoft has fixed a known issue causing search issues for Outlook users after installing Windows 10 security updates released since November 2021. While a fix for the Outlook search issue is already rolling out to all impacted Windows 10 devices, Microsoft says it's still "Working on a resolution and will provide an update in an upcoming release" for affected Windows 11 systems.

Microsoft has fixed a known issue causing search issues for Outlook users after installing Windows 10 security updates released since November 2021. While a fix for the Outlook search issue is already rolling out to all impacted Windows 10 devices, Microsoft says it's still "Working on a resolution and will provide an update in an upcoming release" for affected Windows 11 systems.

Crypto.com has confirmed that a multi-million dollar cyber attack led to the compromise of around 400 of its customer accounts. Crypto.com CEO: 400 customer accounts hit.

Crypto.com has confirmed that a multi-million dollar cyber attack led to the compromise of around 400 of its customer accounts.Crypto.com CEO: 400 customer accounts hit.

Humanitarian organization the International Red Cross disclosed this week that it has fallen foul of a cyberattack that saw the data of over 515,000 "Highly vulnerable people" exposed to an unknown entity. The target of the attack was the organisation's Restoring Family Links operation, which strives to find missing persons and reunite those separated from their families due to armed conflict, migration, disaster, detention and other catastrophic events.

Another CISO walks into a board meeting and muddles through stats showing their compliance status. In the classic risk management equation of Risk = Threat x Vulnerability, I have no control over the threat actor's motivation, skill, or resources.

Newly combined security outfits McAfee and FireEye have revealed a new name: "Trellix". Readers may find the name familiar, as another tech company used the same name in the 1990s and early 2000s when it offered intranet and web published tools such as Trellix Web.

As networks continue to evolve and security threats get more complex, security analytics plays an increasingly critical role in securing the enterprise. By combining software, algorithms and analytic processes, security analytics helps IT and security teams proactively detect threats before they result in data loss or other harmful outcomes.