Security News

ZeroFox published a threat intelligence forecast for 2022, detailing expected cybercriminal behavior trends including ransomware, malware-as-a-service, vulnerabilities and exploits. Within the report, the ZeroFox Intelligence team reviews 12 months of threat actor activity from 2021 and provides go-forward recommendations for security teams as we continue into 2022.

As the number of ransomware attacks continue to rise, Blackberry has found as a part of its annual threat report that there may be a shared economy amongst cyber criminals that is growing. "This infrastructure has also incubated a criminal shared economy, with threat groups sharing and outsourcing malware allowing for attacks to happen at scale. In fact, some of the biggest cyber incidents of 2021 look to have been the result of this outsourcing."

Researchers discover common threat actor behind aviation and defense malware campaigns. Security researchers at Proofpoint have announced their discovery of a common threat actor behind attacks reported by Cisco Talos, Microsoft and others, and they say that the group has been active since at least 2017.

The PCI Security Standards Council and the National Cybersecurity Alliance issued a joint bulletin on the increasing threat of ransomware attacks. The high-profile ransomware attacks in 2021 have been part of a larger global increase in ransomware crime.

Giving employees the flexibility to be fully productive while working remotely makes it critical that businesses have endpoint security measures in place to prevent, detect and respond to the growing threat landscape while allowing employees the flexibility to work remotely. Dell endpoint protection spans the enterprise to include multi-cloud data protection solutions that can be delivered as software-defined and/or appliance-based solutions, and above all, enables users to remain highly productive by defeating increasingly sophisticated attacks in the new remote work paradigm.

Giving employees the flexibility to be fully productive while working remotely makes it critical that businesses have endpoint security measures in place to prevent, detect and respond to the growing threat landscape while allowing employees the flexibility to work remotely. Dell endpoint protection spans the enterprise to include multi-cloud data protection solutions that can be delivered as software-defined and/or appliance-based solutions, and above all, enables users to remain highly productive by defeating increasingly sophisticated attacks in the new remote work paradigm.

Security researchers from Onapsis - the security firm that specializes in security for SAP, Oracle, Salesforce, and other software-as-a-service platforms and that discovered the bugs - joined SAP in coordinating the release of a Threat Report describing the critical vulnerabilities onTuesday. As of Tuesday, Onapsis Research Labs had estimated that there were tens of thousands - approximately 40,000 - SAP customers running more than 10,000 potentially affected, internet-exposed SAP applications.

Menlo Security announced it has identified a surge in cyberthreats, termed Highly Evasive Adaptive Threats, that bypass traditional security defenses. HEAT attacks are a class of cyber threats targeting web browsers as the attack vector and employs techniques to evade detection by multiple layers in current security stacks including firewalls, Secure Web Gateways, sandbox analysis, URL Reputation, and phishing detection.

Google is adding a new defensive layer to protect enterprise workloads running in Google Cloud. It's called Virtual Machine Threat Detection, and will help select Security Command Center customers detect cryptomining malware inside their virtual machines.

WhiteSource released a threat report based on malicious activity found in npm, the most popular JavaScript package manager used by developers worldwide. The report is based on findings from more than 1,300 malicious npm packages identified in 2021.