Security News > 2022

Millions of home broadband Wi-Fi routers in the UK could be at risk because many internet users do not take basic security precautions that could protect them from online threats, a research from Broadband Genie has found. In a survey of 1,320 broadband users, it was discovered that 88% have never updated their router firmware and 84% have never changed their router admin password.

Cybersecurity researchers have detailed a high severity flaw in KCodes NetUSB component that's integrated into millions of end-user router devices from Netgear, TP-Link, Tenda, EDiMAX, D-Link, and Western Digital, among others. KCodes NetUSB is a Linux kernel module that enables devices on a local network to provide USB-based services over IP. Printers, external hard drives, and flash drives plugged into a Linux-based embedded system are made available via the network using the driver.

The video surveillance systems market is expected to grow at a CAGR of 10.06% over the forecast period 2021 to 2026, according to ResearchAndMarkets. Commercial segment is to dominate the video surveillance systems market.

Microsoft on Monday disclosed details of a recently patched security vulnerability in Apple's macOS operating system that could be weaponized by a threat actor to expose users' personal information. Tracked as CVE-2021-30970, the flaw concerns a logic issue in the Transparency, Consent and Control security framework, which enables users to configure the privacy settings of their apps and provide access to protected files and app data.

Moxie Marlinspike, the creator of the Signal secure messaging app, on Monday announced his resignation as CEO of the company. Marlinspike said he had always intended to grow Signal to the point that it could go on without his direct involvement but that wasn't possible as recently as four years ago when he was writing most of the code, managing employees, and personally handling support.

Lookout, an endpoint-to-cloud cyber security company, have put together their cyber security predictions for 2022. To operationalize threat hunting in 2022, Lookout expects organizations will look into integrated endpoint-to-cloud security solutions that are cloud-delivered.

FinalSite announced today the findings of a six-day investigation into last week's ransomware attack, stating it found no evidence schools' data accessed or stolen by hackers. After a six-day investigation, FinalSite states that they have determined what ransomware gang performed the attack and how they gained access to their network but would not be disclosing their names due to ongoing investigations.

The CISO role has taken on greater prominence at a time when cyberattacks have become relentless and increasingly sophisticated, and millions of people continue to work from home. "As cybercrime continues to increase and companies face monetary losses or damages, the role of the CISO and security overall or critical to business success."

Extortion or ransom DDoS attacks started to become a new threat in August 2020 and grew bigger and more complex since then. One of the largest DDoS attacks that Cloudflare mitigated lasted for 60 seconds and came from a botnet with 15,000 systems that hurled close to 2Tbps of junk packets at a customer.

The European Union's data protection watchdog on Monday ordered Europol to delete a vast trove of personal data it obtained pertaining to individuals with no proven links to criminal activity. "Datasets older than six months that have not undergone this Data Subject Categorisation must be erased," the European Data Protection Supervisor said in a press statement.