Security News > 2023 > May

Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected
2023-05-02 05:35

The U.S. Cybersecurity and Infrastructure Security Agency has added three flaws to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The second flaw to be added to the KEV catalog is CVE-2021-45046, a remote code execution flaw affecting the Apache Log4j2 logging library that came to light in December 2021.

The warning signs for security analyst burnout and ways to prevent
2023-05-02 04:30

Security analyst burnout is a common issue that stems from being overworked, exposed to excessive repetition, stressed, and unable to maintain a healthy work-life balance. Organizations must be aware of warning signs - such as exhaustion and cynicism - to prevent security analyst burnout and take appropriate measures.

Why the manufacturing sector needs stronger cyber defenses
2023-05-02 04:00

While the digitalization of manufacturing operations provided transformational opportunities and greater efficiency and sustainability, it also connected manufacturing environments and infrastructures that operated historically as isolated silos with limited external connectivity. How do cyber threats in the manufacturing sector differ from those in other industries, and what unique challenges do manufacturers face in implementing cybersecurity measures?

The costly threat that many businesses fail to address
2023-05-02 03:30

Insider attacks such as fraud, sabotage, and data theft plague 71% of U.S. businesses, according to Capterra. According to Capterra's research, companies that allow excessive data access are much more likely to report insider attacks.

Data-driven insights help prevent decisions based on fear
2023-05-02 03:30

Organizations have strengthened security measures and become more resilient, but threat actors are still finding ways through, according to BakerHostetler. "We launched the Data Security Incident Response Report nine years ago because we recognized that organizations were making data-driven decisions about other areas of risk and compliance and that there was no source for that purpose for data security," said Theodore J. Kobus III, chair of BakerHostetler's Digital Assets and Data Management Practice Group.

Feds rethink warrantless search stats and – oh look, a huge drop in numbers
2023-05-02 01:56

Warrantless searches of US residents' communications by the FBI dropped sharply last year - from about 3.4 million in 2021 to 119,383 in 2022, according to Uncle Sam. For one, the FBI changed the methodology used to calculate the number of Section 702 searches, and says previous years' reports used duplicative counting methods.

Apple delivers first-ever Rapid Security Response “cyberattack” patch – leaves some users confused
2023-05-01 20:46

We've written about the uncertainty of Apple's security update process many times before. Rapid Security Responses are a new type of software release for iPhone, iPad, and Mac.

Apple’s first Rapid Security Response patch fails to install on iPhones
2023-05-01 20:17

Apple has launched the first Rapid Security Response patches for iOS 16.4.1 and macOS 13.3.1 devices, with some users having issues installing them on their iPhones. As the company describes in a recently published support document, RSR patches are small-sized updates that target the iPhone, iPad, and Mac platforms and patch security issues between major software updates.

Twitter outage logs you out and won’t let you back in
2023-05-01 20:11


IT giant Bitmarck shuts down customer, internal systems after cyberattack
2023-05-01 18:55

German IT services provider Bitmarck has shut down all of its customer and internal systems, including entire datacenters in some cases, following a cyberattack. The service provider doesn't yet have a timeline for when it expects to have all of its systems back up and running.