Cybersecurity News & Updates - December, 2022

Cybersecurity News & Updates - December, 2022

Check out the latest updates on high vulnerabilities, data breaches and ransomware attacks.

High Vulnerabilities

No alt text provided for this image

Top 5 Web App Vulnerabilities and How to Find Them

Web applications, often in the form of Software as a Service (SaaS), are now the cornerstone for businesses all over the world. SaaS solutions have revolutionized the way they operate and deliver services, and are essential tools in nearly every industry, from finance and banking to healthcare and education. Read more

__________________________________________________________________________

“High severity” vulnerabilities uncovered in three-quarters of operational technology systems

Three-quarters of industrial control devices used in operational technology (OT) networks remain unpatched and laden with severe vulnerabilities, according to new research from Microsoft. Statistics from the tech giant’s latest Cyber Signals bulletin showed that threats against operational technology systems and internet of things (IoT) products are rising steeply and posing significant risks for businesses globally. Read more

__________________________________________________________________________

The Top Security Vulnerabilities of 2022 and Their Workarounds

As technology continues to evolve, so too does the cyber-threat landscape. Keeping up with the latest security vulnerabilities is critical for security and technology teams. With the new year just around the corner, let’s look at some of the top security vulnerabilities organizations should be aware of from?2022. Read more

__________________________________________________________________________

Google Launches OSV-Scanner Tool to Identify Open Source Vulnerabilities

Google on Tuesday announced the open source availability of?OSV-Scanner, a scanner that aims to offer easy access to vulnerability information about various projects. The?Go-based tool, powered by the Open Source Vulnerabilities (OSV) database, is designed to connect "a project's list of dependencies with the vulnerabilities that affect them," Google software engineer Rex Pan in a?post?shared with The Hacker News. Read more

__________________________________________________________________________

Code-generating AI can have security vulnerabilities, study finds

Software engineers who use code-generating AI systems are more likely to cause security vulnerabilities in the apps they develop, TechCrunch reported, citing a study by Stanford. “Code-generating systems are currently not a replacement for human developers,” TechCrunch quoted a scientist as saying in the report. Read more

__________________________________________________________________________

Ransomware Attacks

No alt text provided for this image

Ransomware attacks on health care organizations on the rise

From 2016 to 2021, there was an increase in ransomware attacks on health care delivery organizations, exposing the personal health information (PHI) of nearly 42 million patients, according to a study. Read more

__________________________________________________________________________

1.3 TB data encrypted and five servers affected in AIIMS ransomware attack

Based on current analysis by stakeholders concerned, about 1.3 terabyte data were encrypted in the recent ransomware attack on the All-India Institute of Medical Sciences’ (AIIMS) information technology network by unknown threat actors, according to the government. Read more

__________________________________________________________________________

Most dangerous ransomware groups of 2022

Over the last year, gangs have dissolved and reformed, but one thing's for certain – they keep coming back. Despite all efforts, the problem of ransomware continues to grow, with a recent report from cloud security firm Zscaler recording an 80% increase in ransomware attacks year-on-year. Read more

__________________________________________________________________________

Scripps ransomware settlement letters arriving in mailboxes

Scripps Health patients both former and current have begun receiving ransomware attack settlement notifications in the mail. The bi-fold cards with postage paid and a settlement administrator in Portland may prompt some to wonder if these notices, which offer “$100 in CASH and other benefits” are legit or just the latest sophisticated attempt of scammers looking to pilfer personal information. Read more

__________________________________________________________________________

Phishing, ransomware continue to hinder email security through 2022

In 2022, security practitioners struggled to address the growing attack surface created by their rapid push to remote work and cloud-based operations during the previous two years. Cyber criminals exploited new vulnerabilities — including those introduced by the growing use of third-party software — to launch ransomware and other attacks. Read more

__________________________________________________________________________

Data Breaches

No alt text provided for this image

Data breaches could be even more expensive in 2023

Based on data collected from more than 750,000 unique?endpoints, distributed around the world, the company's report claims the average cost of a data breach is expected to hit $5 million by next year.?To make matters even worse - the researchers expect the number of breaches to increase significantly, as well. The threats from malicious and phishing emails rose by 60% year-on-year, they said. Read more

__________________________________________________________________________

It’s all in the (lack of) details: 2022’s badly handled data breaches

Data breaches can?be extremely harmful to organizations of all shapes and sizes — but it’s how these companies react to the incident that can deal their final blow. Read more

__________________________________________________________________________

LastPass data breach: CERT-In warns Indian users of phishing

LastPass, a password managing platform, recently said that hackers, who illegally accessed the company's cloud-based storage environment in August of 2022, have a copy of consumer data. In the wake of this data breach,?Computer Emergency Response Team (CERT-In) has issued an advisory and has warned Indian users that cybercriminals can undertake phishing attacks to compromise their accounts. Read more

__________________________________________________________________________

The 10 Biggest Data Breaches Of 2022

The data breach picture?for 2022 isn’t pretty. At the start of the year, the number of victims per data breach incident was actually falling across the country, suggesting that companies with lots of customers might be doing a better job of protecting their data than in years past. Read more

要查看或添加评论,请登录

Inspirisys Solutions Limited (a CAC Holdings Group Company)的更多文章

社区洞察

其他会员也浏览了