Security News > 2022

"These results demonstrate that while IT security threats have increased-primarily from the general hacking community and foreign governments-the ability to detect and remediate such threats has not increased at the same rate, leaving public sector organizations vulnerable," said Brandon Shopp, Group VP, Product Strategy, SolarWinds. State and local governments are significantly more likely than other public sector groups to be concerned about the threat of the general hacking community.

These investments empower organizations to provision enterprise workloads at edge locations in support of innovative edge use cases. Accordingly, a symbiotic edge and core to workload relationship is needed to enable workloads based at the core that support the edge, workloads based at the edge that support the edge, and workloads at the edge that support the core.

The global consumer IAM market is projected to grow from $8.6 billion in 2021 to $17.6 billion by 2026, at a Compound Annual Growth Rate of 15.3% during the forecast period, according to ResearchAndMarkets. Based on application area, the healthcare segment will grow at the highest CAGR. The Healthcare segment is projected to witness the fastest growth rate of during the forecast period.

First, there are compliance requirements that state a maximum window between patch release and applying that patch. Delayed patching leaves an extended window, but even patching within compliance regulations can still lead to a very long risk window.

The U.S. Cyber Command on Wednesday officially confirmed MuddyWater's ties to the Iranian intelligence apparatus, while simultaneously detailing the various tools and tactics adopted by the espionage actor to burrow into victim networks. "MuddyWater has been seen using a variety of techniques to maintain access to victim networks," USCYBERCOM's Cyber National Mission Force said in a statement.

Bernalillo County, New Mexico, has been unable to comply with the settlement terms of a 27-year-old lawsuit over prison conditions because of a ransomware attack last week that saw prisoners back under manual control. Commissioners told the court that all of Bernalillo County, which covers the US state of New Mexico's largest city Albuquerque, had been affected by a January 5, 2022, ransomware attack, including the Metropolitan Detention Center that houses some of the state's incarcerated.

Apple has released security updates to address a persistent denial of service dubbed doorLock that would altogether disable iPhones and iPads running HomeKit on iOS 14.7 and later. Apple has addressed this severe resource exhaustion issue in iOS 15.2.1 and iPadOS 15.2.1 by adding improved input validation which no longer allows attackers to disable vulnerable devices.

The bug dates back at least to Windows Server 2012 R2, CyberArk software architect and security champion Gabriel Sztejnworcel wrote, leading the firm to conclude that the latest versions of Windows - including client and server editions - are affected. Sztejnworcel's writeup goes into great detail about how the attack works, but some basics on RDP plumbing include the fact that RDP splits a single connection into multiple logical connections called virtual channels for handling different types of data.

Cyberattackers are abusing Amazon Web Services and Azure Cloud services to deliver a trio of remote access trojans, researchers warned - all aimed at hoovering up sensitive information from target users. "When the initial script is executed on the victim's machine, it connects to a download server to download the next stage, which can be hosted on an Azure Cloud-based Windows server or an AWS EC2 instance."

Apple on Wednesday rolled out software updates for iOS and iPadOS to remediate a persistent denial-of-service issue affecting the HomeKit smart home framework that could be potentially exploited to launch ransomware-like attacks targeting the devices. The iPhone maker, in its release notes for iOS and iPadOS 15.2.1, termed it as a "Resource exhaustion issue" that could be triggered when processing a maliciously crafted HomeKit accessory name, adding it addressed the bug with improved validation.