Security News > 2022

Here are some resolutions to follow to ensure your organization safely navigates the new hybrid office model. CISOs must stretch communications skills and create new channels to deliver education about information security.

While some may opt for the increasingly popular cloud-as-a-service model, outsourcing their cloud access and resources to a third-party, others are looking to private on-premises cloud solutions to mobilize their teams online. While an on-premises cloud solution might seem like an appealing way to get your team online while retaining full control and maximum security, is it really the best of both worlds? We'll get into that in a moment, but first let's outline what we mean by on-premises cloud and how it differentiates from regular cloud solutions.

There has been a lot of innovation that has sparked a new wave of technologies - from the boom in serverless technologies to the evolution of cloud automation security. These innovations have enabled organizations to improve business agility and reduce costs; but they've also increased the attack surface as demonstrated by a recent IDC report, which highlights that 98% of organizations suffered at least one cloud security breach in the previous 18-months.

The global unified communications market size is expected to reach $344.84 billion by 2028 and is expected to expand at a CAGR of 20.5% from 2021 to 2028, according to ResearchAndMarkets. The use of cloud-based solutions for fast and seamless communication across enterprises is expected to positively impact market growth.

Threat hunters have shed light on the tactics, techniques, and procedures embraced by an Indian-origin hacking group called Patchwork as part of a renewed campaign that commenced in late November 2021, targeting Pakistani government entities and individuals with a research focus on molecular medicine and biological science. "Ironically, all the information we gathered was possible thanks to the threat actor infecting themselves with their own , resulting in captured keystrokes and screenshots of their own computer and virtual machines," Malwarebytes Threat Intelligence Team said in a report published on Friday.

Users of popular open-source libraries 'colors' and 'faker' were left stunned after they saw their applications, using these libraries, printing gibberish data and breaking. The developer of these libraries intentionally introduced an infinite loop that bricked thousands of projects that depend on 'colors and 'faker'.

Ransomware attacks decrease, operators started rebrandingPositive Technologies experts have analyzed the Q3 2021 cybersecurity threatscape and found a decrease in the number of unique cyberattacks. How can SMBs extend their SecOps capabilities without adding headcount?While cybersecurity budgets are rising, most small and some midsize organizations looking to employ skilled cybersecurity professionals are often unable to match salaries offered by big enterprises in a job market where demand outstrips supply.

Owners of Honda cars of a certain age - apparently somewhere between 10 and 16 years old - have spent the first few days of the New Year reporting a weird "Millennium bug style" problem. Apparently, for many cars that are a decade or so old, New Year's Day 2022 was ushered in with their in-car clocks.

Hackers targeted cybersecurity researchers and developers this week in a sophisticated malware campaign distributing a malicious version of the dnSpy. This new campaign was discovered by security researchers 0day enthusiast and MalwareHunterTeam who saw the malicious dnSpy project initially hosted at https://github[.

Eviatar Gerzi, a security researcher at CyberArk, has tried out various potential abuse pathways based on an old 2003 advisory on code execution via window title modifications and discovered a way to induce rapid window title changes on PuTTY. This atypical attack caused the test machine to enter a state known as the "White Screen of Death", where everything freezes except for the mouse cursor. The abused function is 'SetWindowText,' which allows changing the text of the specified window's title bar.