Security News > 2022

Researchers have developed a malware detection system that uses EM waves: "Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification." They use numerous customized firmware and hardware, without taking into consideration security issues, which make them a target for cybercriminals, especially malware authors.

Once data is backed up, many organisations tend to forget about it. Firstly, ransomware attackers are data savvy enough to know that hitting a target's backups first means they are more likely to pay up a ransom.

In this interview with Help Net Security, Curtis Fechner, engineering fellow at Optiv Security, explains the function of incident response tabletop exercises and how they can help reduce an organization's overall cyber risk by keeping it prepared for a real incident. Traditionally these exercises would be conducted in a round table format, thus the name "Tabletop exercise." These exercises are generally less technical in nature, as there is no practical assessment of security controls, and the overall focus is on management of risk.

Cybercrime has been growing rapidly for years, and the sudden pandemic-fueled shift to work from home only accelerated the threat, forcing businesses to start putting a real focus on establishing solid security protocols and building a strong relationship with their cybersecurity vendors. The WFH and hybrid work models dramatically expanded potential attack avenues for cybercriminals seeking access to corporate resources and assets.

While rapid technology advances have improved manufacturing operations in recent years, combining new and legacy operational technology has created security gaps that many manufacturers are just beginning to close, according to a research report published by Information Services Group. The report finds the complex mix of legacy OT and newer, connected technologies such as industrial IoT and machine learning has forced manufacturers to add security extensions for protection against cyberattacks.

To delay it, highly advanced AI-powered security that protects your entire suite is needed. AI is integral for any good email security solution.

Amid the COVID-19 crisis, the global market for multi-factor authentication estimated at $8.6 billion in the year 2020, is projected to reach a revised size of $21.3 billion by 2027, growing at a CAGR of 13.9% over the analysis period 2020-2027, according to ResearchAndMarkets. The U.S. MFA market is estimated at $2.3 billion.

A man from the U.K. city of Nottingham has been sentenced to more than two years in prison for illegally breaking into the phones and computers of a number of victims, including women and children, to spy on them and amass a collection of indecent images. Robert Davies, 32, is said to have purchased an arsenal of cyber crime tools in 2019, including crypters and remote administration tools, which can be used as a backdoor to steal personal information and conduct surveillance through microphones and cameras, catching the attention of the U.K. National Crime Agency.

Cisco Systems has rolled out security updates for a critical security vulnerability affecting Unified Contact Center Management Portal and Unified Contact Center Domain Manager that could be exploited by a remote attacker to take control of an affected system. "With these accounts, the attacker could access and modify telephony and user resources across all the Unified platforms that are associated to the vulnerable Cisco Unified CCMP," Cisco noted in an advisory published this week.

Microsoft has yanked the Windows Server updates it issued on Patch Tuesday after admins found that the updates had critical bugs that break three things: They trigger spontaneous boot loops on Windows servers that act as domain controllers, break Hyper-V and render ReFS volume systems unavailable. The shattering of Windows was first reported by BornCity on Tuesday, as in, on the same day that Microsoft released a mega-dump of 97 security updates in its January 2022 Patch Tuesday update.