2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem
The Five Stories That Shaped Cybersecurity in 2022
Netwrix Acquires Remediant for PAM Technology
Data security software vendor Netwrix has acquired Remediant, an early-stage startup working on technology in the PAM (privileged access management) category.
Financial terms of the acquisition were not disclosed.
Microsoft Patches Azure Cross-Tenant Data Access Flaw
Microsoft has silently fixed an important-severity security flaw in its Azure Container Service (ACS) after an external researcher warned that a buggy feature allowed cross-tenant network bypass attacks.
LastPass Says Password Vault Data Stolen in Data Breach
Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that could be exposed by brute-forcing or guessing master passwords.
Cyber Insurance Analytics Firm CyberCube Raises $50 Million
CyberCube, a provider of cyber risk analytics for insurance companies, this week announced that it has raised $50 million in a new funding round that brings the total raised by the firm to $105 million.
US Puts 3 Dozen More Chinese Companies on Trade Blacklist
The U.S. Department of Commerce is adding 36 Chinese high-tech companies, including makers of aviation equipment, chemicals and computer chips, to an export controls blacklist, citing concerns over national security, U.S. interests and human rights.
US Government Agencies Issue Guidance on Threats to 5G Network Slicing
The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) have released guidance on the security risks associated with 5G network slicing and mitigation strategies.
Patch Tuesday: Microsoft Plugs Windows Hole Exploited in Ransomware Attacks
Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.
The operating system update, released as part of Microsoft’s scheduled Patch Tuesday, addresses a flaw that lets malicious attackers use rigged files to evade MOTW (Mart of the Web) defenses.
Mapping Threat Intelligence to the NIST Compliance Framework
Threat intelligence is critical for compliance personnel to justify budgets for governance, risk and compliance (GRC)
NSA Outs Chinese Hackers Exploiting Citrix Zero-Day
Virtualization technology giant Citrix on Tuesday scrambled out an emergency patch to cover a zero-day flaw in its networking product line and warned that a Chinese hacking group has already been caught exploiting the vulnerability.
