7 of the most impactful cybersecurity incidents of 2021.

Views expressed in this cybersecurity-intelligence update are those of the reporters and correspondents.

Accessed on 26 December 2021, 1404 UTC.

Content provided by “DarkReading.com.”

Source:  https://www.darkreading.com/

Please click link or scroll down to read your selections.

Latest News

7 of the Most Impactful Cybersecurity Incidents of 2021

There was a lot to learn from breaches, vulnerabilities, and attacks this year.

Microsoft Customer Source Code Exposed via Azure App Service Bug

Researchers found an insecure default behavior in Azure App Service exposing source code of some customer applications deployed using “Local Git.”

Nearly 50% of People Will Abandon Sites Prohibiting Password Reuse

A new study investigating consumer password use found 25% of online shoppers would abandon their carts of $100 if prompted to reset a password at checkout.

CISA’s New Log4j Scanner Aims to Find Vulnerable Apps

The open-sourced scanner was derived from scanners built by members across the open source community, CISA reports.

UK Security Agency Shares 225M Passwords With ‘Have I Been Pwned’

The UK’s NCA and NCCU have shared 225 million stolen emails and passwords with HIBP, which tracks stolen credentials.

Meta Files Federal Lawsuit Against Phishing Operators

The Facebook parent company seeks court’s help in identifying the individuals behind some 39,000 websites impersonating its brands to collect login credentials.

93% of Tested Networks Vulnerable to Breach, Pen Testers Find

Data from dozens of penetration tests and security assessments suggest nearly every organization can be infiltrated by cyberattackers.

Russian National Extradited for Illegal Hacking & Trading

Vladislav Klyushin was allegedly involved in a global operation to trade on nonpublic data stolen from US computer networks.

Latest Commentary

Log4j: A CISO’s Practical Advice

Working together is going to make getting through this problem a lot easier.

Dec 24, 2021

The Future of Work Has Changed, and Your Security Mindset Needs to Follow

VPNs have become a vulnerability that puts organizations at risk of cyberattacks.

Dec 23, 2021

Log4j Reveals Cybersecurity’s Dirty Little Secret

Once the dust settles on Log4j, many IT teams will brush aside the need for the fundamental, not-exciting need for better asset and application management.

Dec 22, 2021

Future of Identity-Based Security: All-in-One Platforms or Do-It-Yourself Solutions?

The functionality of all-in-one platforms is being deconstructed into a smorgasbord of services that can be used to develop bespoke end-user security procedures for specific work groups, lines of businesses, or customer communities.

Dec 22, 2021

Preemptive Strategies to Stop Log4j and Its Variants

Zero trust is key to not falling victim to the next big vulnerability.

Dec 21, 2021

For the latest cybersecurity news and information, please check the blog sidebar, links, and twitter posts.