Google paid a record $8.7 million to Bug Hunters in 2021.
Views expressed in this cybersecurity-cybercrime update are those of the reporters and correspondents.
Accessed on 12 February 2022, 2146 UTC.
Content provided by “DarkReading.com.”
New data from Kaspersky shows distributed denial-of-service attacks increased by more than 50% in the fourth quarter of last year compared with the third quarter.
Company’s Chrome and Android technologies continued to be target-rich environments for security researchers from around the world.
Password-guessing became last year’s weapon of choice, as attackers attempted to brute-force vulnerable Remote Desktop Protocol (RDP) servers, SQL databases, and SMB file shares.
A WebKit use-after-free vulnerability in iOS, iPadOS, Monterey, and Safari may already have been exploited, Apple said in a security advisory issued today.
Microsoft’s release of relatively sparse vulnerability information makes it difficult for organizations to prioritize mitigation efforts, security experts say.
Ransomware, cryptojacking, and a cracked version of the penetration-testing tool Cobalt Strike have increasingly targeted Linux in multicloud infrastructure, report states.
One publicly known flaw — an elevation-of-privilege bug in Windows Kernel — was included in the patches.
The online tech giant auto-enabled two-step verification for more than 150 million users, throwing up steep hurdles against scammers and attackers.
What CISOs Should Tell the Board About Log4j
It’s time for a reset with the board of directors. Very few have a dedicated, board-level cybersecurity committee, which means cybersecurity isn’t viewed as a critical executive function.
Data Transparency Hasn’t Made Us Safer Yet. Can It Uncover Breach Causality?
Advanced machine learning models within an XDR framework could uncover what actually causes breaches, but first we need better data transparency.
Log4j and the Role of SBOMs in Reducing Software Security Risk
Enterprises are spending a pittance on securing their software supply chain, which makes COTS software dangerous — vulnerabilities can be “hidden” in open source components.
Cyber Terrorism Is a Growing Threat & Governments Must Take Action
With its benefits of deniability, relatively low costs, and the ability to attack from anywhere, cyber terrorism will increasingly threaten civilians everywhere.
Salesforce DevOps Needs Guardrails
Some companies go too fast when it comes to SaaS, DevOps, and security, but smart developers and implementers will respect some basic guidelines to keep their product safe.