- CISA adds four known exploited vulnerabilities to Catalog. (to the original material)
- McAfee releases security updates for McAfee Agent for Windows. (to the original material)
- Log4j vulnerability - update from the CSIRTs Network. (to the original material)
- New infosec products of the week: January 21, 2022. (to the original material)
- Stealthy firmware bootkit leveraged by APT in targeted attacks. (to the original material)
- Google Drive starts warning users about suspicious files. (to the original material)
- The importance of securing machine-to-machine and human-to-machine interaction. (to the original material)
- How do IT leaders plan to overcome remote work security challenges? (to the original material)
- Cybersecurity industry trends from 2021 bound to shape this year’s threat landscape. (to the original material)
- Exposed records exceeded 40 billion in 2021. (to the original material)
- What is opening EV (Electric Vehicle) charging stations to cyberattacks? (to the original material)
- Cybersecurity market to reach $346 billion by 2027. (to the original material)
- Biden signs authority for NSS to NSA: Think CISA for military, intel systems. (to the original material)
- Does your cyber insurance policy cover cyberwar? (to the original material)
- U.S. Sanctions 4 Ukrainians for working with Russia to destabilize Ukraine. (to the original material)
- Crypto.com confirms breach, nearly $34 million in losses. (to the original material)
- Ukraine cyberattacks: A case of hacktivism? (to the original material)
- The Week in Ransomware - January 21st, 2022 - Arrests, Wipers, and More. (to the original material)
- Phishing impersonates shipping giant Maersk to push STRRAT malware. (to the original material)
- Microsoft disables Excel 4.0 macros by default to block malware. (to the original material)
- Over 90 WordPress themes, plugins backdoored in supply chain attack. (to the original material)
- McAfee Agent bug lets hackers run code with Windows SYSTEM privileges. (to the original material)
- Homelife of Connecticut residents secretly recorded. (to the original material)
- Pennsylvania approves ransomware bill. (to the original material)
- The New Amateur Hackers: How professional hackers are enabling a new wave of novices. (to the original material)
- Memorial Health System confirms data breach. (to the original material)
- Tackling misconceptions of mobile-based authentication. (to the original material)
- (ISC)2 Appoints its first CISO. (to the original material)
- Two-Fifths of ransomware victims still paying up. (to the original material)
- #COVID19 phishing emails surge 500% on Omicron concerns. (to the original material)
- Merck Wins $1.4bn NotPetya payout from insurer. (to the original material)
- Researchers find similarities between NotPetya, attacks on Ukrainian government systems. (to the original material)
- A bug in McAfee Agent allows running code with Windows SYSTEM privileges. (to the original material)
- Disruptive attacks in Ukraine are likely linked to escalating tensions. (to the original material)
- Will ransomware gangs see flow of cash throttled by Russian cryptocurrency restrictions? (to the original material)
- Ukraine campaign delivers defacement and wipers, in continued escalation. (to the original material)
- Threat Roundup for January 14 to January 21. (to the original material)
- Week in security with Tony Anscombe. (to the original material)
- Compliance, emerging technology will fuel financial tech funding in 2022. (to the original material)
- What’s it mean? Making sense of Twitter’s decision to oust "Mudge" Zatko and Rinki Sethi. (to the original material)
- Patient data were stolen ahead of Memorial Health ransomware attack, EHR downtime. (to the original material)
- IRS plans for facial recognition draw scrutiny from privacy, cybersecurity advocates. (to the original material)
- HHS shares Log4j remediation guide, urges healthcare to assume compromise. (to the original material)
- European Commission launches new open-source software bug bounty program. (to the original material)
- Was COMELEC hacked? Philippines Commission on Elections casts doubt on data breach claims. (to the original material)
- Open debug mode in Cisco mobile networking software created critical security hole. (to the original material)
- BitLocker encryption: Clear text key storage prompts security debate online. (to the original material)
- US Federal Reserve issues report on Digital Dollar. (to the original material)
- Federal Authorities, patient safety experts warn of risks. (to the original material)
- EU Plans to build its own DNS infrastructure. (to the original material)
- 3 Weeks, 6 bugs: Experts analyze, advise on WordPress flaws. (to the original material)
- ISMG Editors: Will ransomware kill cyber insurance? (to the original material)
- From the Trenches: Remediating widespread Apache Log4j flaw. (to the original material)
- Hackers planted secret backdoors in dozens of WordPress plugins and themes. (to the original material)
- Critical bugs in control web panel expose Linux Servers to RCE attacks. (to the original material)
- Chinese hackers spotted using new UEFI Firmware implant in targeted attacks. (to the original material)
- Chinese APT deploys MoonBounce implant in UEFI firmware. (to the original material)
- Amazon fake crypto token investment scam steals Bitcoin from victims. (to the original material)
- The Internet’s most tempting targets. (to the original material)
- Spyware blitzes compromise, cannibalize ICS Networks. (to the original material)
- Arm rages against the insecure chip machine with new Morello architecture. (to the original material)
- Emotet spam abuses unconventional IP address formats to spread malware. (to the original material)
- This Week in Security News - January 21, 2022. (to the original material)
- Codex Exposed: Task automation and response consistency. (to the original material)
