Mark Hughes, president of Security, DXC
The metaverse is here. But is it safe?
Strong digital identity management is the key to securely enjoying this exciting technology. Here’s why.
Stay up to date on the latest threats, vulnerabilities and nation-state activities.
THREAT UPDATE
BianLian gang now skips straight to extortion
A ransomware group discovered last year has shifted its focus from ransoming encrypted files to pure data extortion.
VULNERABILITY
GitLab releases critical security patches
GitLab has released fixes for two critical security flaws in Git that allow attackers to remotely execute arbitrary code.
NATION THREAT
Russian hackers pose as embassy staff
Polish authorities warn of a spear-phishing campaign where Russia-backed cyber spies impersonate European embassy representatives.
By the numbers
$8 trillion
in cybercrime damages predicted in 2023, growing to $10.5 trillion by 2025
$265+ billion
in global ransomware damage predicted by 2031
$1.75 trillion
in global cybersecurity spending expected by 2025
3.5 million
unfilled cybersecurity jobs globally
THREAT UPDATE
Chinese cybercriminals upgrade Turian backdoor
APT15 has created new variants in Turian backdoor to compromise Internet-exposed Linux and Windows web servers.
NATION THREAT
Russian cyberattacks rise in Canada
Officials urge network and other service providers to take precautions following attacks linked to Canada’s support of Ukraine.
VULNERABILITY
AWS patches CloudTrail API bug
Amazon Web Services has patched a bypass bug that lets attackers circumvent CloudTrail API monitoring.
THREAT UPDATE
SHC Linux malware installs CoinMiner
A new Linux malware downloader is infecting systems with cryptocurrency miners and DDoS IRC bots.
Subscribe for the latest threat updates.
?qlt=90&ts=1665762600393&$landscape-x4_desktop$&dpr=off)
Other news
Toyota supplier portal breached
A backdoor in Toyota's information management system for 14,000 global partners allowed a security researcher to access thousands of confidential documents, internal projects and supplier data.
Android 14 to block permission abuse
Google’s next Android version will enhance security and privacy, including blocking installation of malware that abuses sensitive permissions.
Attacks hijack Microsoft OneNote files
A new QBot malware campaign called "QakNote" uses malicious Microsoft OneNote attachments to infect systems with a banking trojan.
New campaign targets VMware servers
A massive new worldwide ESXiArgs ransomware attack targets VMware ESXi servers that remain unpatched against a two-year-old RCE vulnerability.
Clop ransomware flaw aids Linux victims
A flaw in the encryption scheme for Clop ransomware targeting Linux servers has allowed victims to recover files for free.
New wiper destroys Windows domains
SwiftSlicer, a new data-wiping malware found during a cyberattack in Ukraine, overwrites critical Windows operating system files.
vRealize exploit code released on web
VMware confirms the publication of exploit code for VMware vRealize Log Insight on the Internet and urges users to implement mitigations.