Human security

Week in Review: 2022 Cloud Security Trends, Microsoft Fixes Worming RCE

Here’s a look at some of the most interesting news, articles and interviews from the past week:

Phishers target Office 365 users by exploiting Adobe Cloud
Phishers create Adobe Creative Cloud accounts and use them to send phishing emails that can thwart traditional checks and some advanced threat protection solutions, warns Jeremy Fuchs, security researcher at Avanan.

Microsoft fixes RCE wormable in Windows Server and Windows (CVE-2022-21907)
The first Patch Tuesday of 2022 is upon us and Microsoft has delivered fixes for 96 CVE numbered vulnerabilities, including a worming RCE flaw in Windows Server (CVE-2022-21907).

A new cross-platform backdoor is exploited by an advanced threat actor
A new cross-platform backdoor dubbed SysJoker has been successfully evading security solutions since mid-2021.

When it comes to banking security, there is no miracle solution
In this interview with Help Net Security, Ido Helshtock, Chief Product Officer at HUB Security, talks about banking security, the most common vulnerabilities, and what banks can do to protect their own assets as well as those of their customers.

Detect and identify IoT malware by analyzing electromagnetic signals
Electromagnetic (EM) emanations can be recorded and used to detect and identify malware running on IoT devices, a group of researchers working at IRISA has proven.

How to improve your IR table exercises and why should you really?
In this interview with Help Net Security, Curtis Fechner, engineer at Optiv Security, explains the function of incident response tabletop exercises and how they can help reduce an organization’s overall cyber risk by preparing it for a real incident. .

Video Surveillance System Market Expected to Grow Steadily by 2026
The video surveillance systems market is expected to grow at a CAGR of 10.06% over the forecast period 2021 to 2026, according to ResearchAndMarkets.

6 cloud security trends to watch in 2022
It’s fascinating to step back and see how “the cloud” has grown over the past two decades. Many innovations have sparked a new wave of technologies – from the rise of serverless technologies (allowing businesses to scale and build platforms at speeds never seen before) to the evolution of enterprise security. cloud automation.

How the pandemic has fueled business digital transformation
The COVID-19 pandemic has accelerated digital business transformation by three to five years as companies build IT ecosystems to enable growth, innovation and improved customer experience under new conditions, according to a research report published by Information Services Group (ISG).

On-premises cloud: the worst of both worlds?
According to the latest figures from global technology leader ISG, investment in cloud-based services is skyrocketing with no signs of slowing down any time soon. In Europe, for example, investments in cloud-based services will soon account for more than half of all IT spending.

Tech-related employment remains solid, unemployment rate for IT jobs drops to 2%
Employment and hiring opportunities related to technology continue to expand, according to analysis by CompTIA. Employment gains in the technology sector in December bucked the generally disappointing national employment trend.

Eight resolutions to help you navigate the new hybrid office model
Continuous review and improvement are essential to the success of a security program. As this year draws to a close, it’s a good time to take stock of 2021 and prepare some New Year’s resolutions.

SMBs remain an easy target for cybercriminals
Cybercrime remains a top concern, with 51% of SMBs facing a cybersecurity breach, a Markel Direct survey reveals.

Data Security in the Age of Insider Threats: An Introduction
Of course, your employees are diligent, safety-conscious and loyal. But the real world tells a different story. A total of 94% of organizations have experienced an insider data breach in the past year, with 84% of data breaches resulting from human error.

How secure are cloud applications?
Netskope published research highlighting the continued growth of malware and other malicious payloads delivered by cloud applications. Year-over-year analysis identifies key trends in attacker activity in the cloud and data risk in the cloud from 2021 versus 2020, and examines changes in the malware landscape throughout of 2021, highlighting that attackers are more successful in delivering malware payloads to their victims and offering guidance for improving security posture in 2022.

Small businesses are the most vulnerable to growing cybersecurity threats
Many small and medium-sized businesses (SMBs) mistakenly assume (hope?) that their size makes them a less attractive target for hackers, not realizing that cybercriminals are eager to exploit the unique characteristics that make them even more vulnerable to cyberattacks.

2022 is shaping up to be a tough year for cybersecurity professionals
We can make great strides towards improving cybersecurity in 2022, if we’re smart and pragmatic about prioritization, risk management and optimizing automation to help us work smarter, not harder. . Working smarter requires an automated, comprehensive, and accurate inventory of assets.

Ransomware, supply chain and deepfakes: the main threats the financial sector must prepare for
The financial industry is constantly targeted by many threat actors, and they are constantly innovating and trying new techniques (such as deepfakes) to outwit security teams and penetrate an organization’s network.

The Growing Threat of Cybercriminals Targeting Cloud Infrastructure in 2022
In the world of cybersecurity, fighting threats is like playing endless, hyper-advanced, multi-dimensional Whack-A-Mole: new threats are constantly emerging, often from unexpected sources, and trying to keep up can seem impossible.

In 2022, comprehensive AI-based security is needed
In 2021, ransomware has become a table conversation. Not only have cybersecurity officials focused on the ransomware pandemic, but the general population has also learned about the dangers of ransomware. It is a constant news headline and a daily concern involving small, medium and large businesses across all industries, as well as consumers.

The future of security protocols for remote work
WFH and hybrid work models have greatly expanded the potential avenues of attack for cybercriminals seeking access to corporate resources and assets. The need to strengthen security standards for businesses in all sectors is both serious and urgent.

Analyst’s Guide: Crypto Buyers Checklist
Finding ways to effectively secure information is essential. This challenge is perhaps never more pronounced than with email. Whether you have something in place or not, now is a good time to consider what your organization needs and the ramifications of providing a solution.

Audit your Active Directory with a free read-only scan from Specops
Did you know that over 80% of breaches result from compromised passwords? Passwords are the first line of defense against cyberattacks. Check your AD for over 800 million known hacked passwords.

New infosec products of the week: January 14, 2022
Here’s a look at some of the hottest products from the past week, with releases from Avast, CyberRes, NormCyber, SureCloud, and Zyxel.