Here are today’s top cybersecurity-cybercrime stories compiled by “DarkReading.com.”
Views expressed in this cybersecurity update are those of the reporters and correspondents.
Accessed on 30 January 2022, 1305 UTC.
Content supplied by “DarkReading.com.”
Please click link or scroll down to read your selections.
Jan 28, 2022
Apple’s updates this week included fixes for two zero-day flaws, several code execution bugs, and vulnerabilities that allowed attackers to bypass its core security protections.
Email purportedly from human resources convinced more than one-fifth of recipients to click, the majority of whom did so within an hour of receiving the fraudulent message.
After companies accelerated their adoption of cloud infrastructure, remote workers are now insiders and pose significant risks, and costs, to companies.
“BotenaGo” contains exploits for more than 30 vulnerabilities in multiple vendor products and is being used to spread Mirai botnet malware, security vendor says.
Federal officials tout the strategy as a more proactive approach to securing government networks.
The memory corruption vulnerability in a policy component installed by default on most Linux distributions allows any user to become root. Researchers have already reproduced the exploit.
Europol and 10 nations seized servers and disconnected the anonymous network allegedly used by many cybercriminals in the latest effort to hobble cybercrime groups.
Navigating Nobelium: Lessons From Cloud Hopper & NotPetya
Nearly every organization should assume that it is at risk, but there are ways of countering the tactics used by advanced persistent threats.
IFSEC Seeks Security Pros for New Survey on Physical Access Control
Take part in an IFSEC Global survey to better understand the state of access control in 2022.
Log4j Proved Public Disclosure Still Helps Attackers
Disclosure also puts organizations in the awkward position of trying to mitigate a vulnerability without something like a vendor patch to do the job.
Cybersecurity Is Broken: How We Got Here & How to Start Fixing It
It’s not just your imagination — malicious threats have exponentially increased organizational risk.
Why It’s Time to Rethink Incident Response
The incident response landscape has changed drastically, largely from shifting attitudes among insurance companies and, to some extent, business customers feeling the pain of security incidents.
For the latest cybersecurity news and information, please check the blog sidebar, links, and twitter posts.
Thanks for joining us today.
Russ Roberts (https://atomic-temporary-195915488.wpcomstaging.com).