The latest cybersecurity news from last week is full of stories about new threats and vulnerabilities, as well as updates on existing threats. Here are 10 of the most important stories to keep an eye on:
- Cyberpion rebrands to Ionix
Cyberpion, a leading provider of external attack surface management (EASM) solutions, has rebranded to Ionix. The company says the new name better reflects its focus on helping organizations reduce their risk of attack by providing visibility into their real attack surface.
Ionix’s platform uses machine learning to discover and monitor every internet-facing asset and connection, delivering laser focus into the most critical risks to the business. The company also provides the tools to rapidly remediate exploitable threats and reduce attack surface risk. You can check out the official Ionix company site to learn more.
- Microsoft releases new security updates
Microsoft has released a number of new security updates for its products, including Windows, Office, and Exchange. The updates address a variety of vulnerabilities, including some that could be exploited by remote attackers.
Organizations should install the updates as soon as possible to protect themselves from these vulnerabilities.
- Google releases new Chrome security updates
Google has also released a number of new security updates for its Chrome web browser. The updates address a variety of vulnerabilities, including some that could be exploited by remote attackers to execute arbitrary code on affected systems.
Organizations should update their Chrome browsers to the latest version to protect themselves from these vulnerabilities.
- New ransomware variant targeting healthcare organizations
A new ransomware variant is targeting healthcare organizations. The ransomware, known as “Conti,” encrypts files on infected systems and demands a ransom payment in exchange for the decryption key.
Healthcare organizations should take steps to protect themselves from this ransomware, including implementing strong security measures and having a plan in place to respond to a ransomware attack.
- New phishing campaign targeting Microsoft Office 365 users
A new phishing campaign is targeting Microsoft Office 365 users. The campaign uses emails that appear to be from Microsoft to trick users into clicking on a malicious link.
If users click on the link, they will be taken to a fake website that asks them to enter their Office 365 credentials. Once the credentials are entered, they are sent to the attacker.
Organizations should educate their employees about phishing scams and how to protect themselves from them.
- New vulnerability in Apache Log4j could allow remote code execution
A new vulnerability has been discovered in the Apache Log4j logging library. The vulnerability, known as Log4Shell, could allow remote attackers to execute arbitrary code on affected systems.
The vulnerability is present in all versions of Log4j up to 2.14.1. Organizations should upgrade to Log4j 2.15.0 or later to address the vulnerability.
- New zero-day exploit for Windows Print Spooler service
A new zero-day exploit has been discovered for the Windows Print Spooler service. The exploit could allow remote attackers to execute arbitrary code on affected systems.
The exploit has been used in targeted attacks against organizations in the United States. Microsoft has released a security update to address the vulnerability.
Organizations should install the security update as soon as possible to protect themselves from this exploit.
- New data breach exposes personal information of millions of people
A new data breach has exposed the personal information of millions of people. The data breach affected a company that provides customer support services to businesses.
The data that was exposed includes names, addresses, phone numbers, and email addresses. Organizations should take steps to protect themselves from data breaches, such as implementing strong security measures and educating employees about data security best practices.
- New malware variant targeting cryptocurrency users
A new malware variant is targeting cryptocurrency users. The malware, known as “Emotet,” steals cryptocurrency wallets and other sensitive information from infected systems.
Cryptocurrency users should take steps to protect themselves from this malware, such as using strong passwords and two-factor authentication.
- New research shows that cyber attacks are on the rise
New research shows that cyber attacks are on the rise. The research, conducted by Cybersecurity Ventures, found that cybercrime will cost the world $10.5 trillion annually by 2025.
The research also found that the number of data breaches will increase to 265 per day by 2025. Organizations should take steps to protect themselves from cyber attacks, such as implementing strong security measures and educating employees about cyber security best practices.
These are just a few of the latest cybersecurity news stories from last week. Organizations should stay up-to-date on the latest threats and vulnerabilities to protect themselves from attack.