Threat Source Newsletter (Jan. 27, 2022)

Newsletter compiled by Jon Munshaw.

Good afternoon, Talos readers.  
It’s great to have New Year’s resolutions and all. But we don’t want you taking the wrong lessons away from 2021, either. Like just because Log4j happened doesn’t mean you should stop logging or stop using open-source software.
The latest Beers with Talos episode dropped this morning, and it’s a great reflection on lessons we can learn from the major cyber attacks last year, from SolarWinds to Log4j. It’s the perfect audio pairing to the latest Talos Incident Response Threat Assessment Report, which also looks at the trends IR saw in the field last year.
We also disclosed some notable vulnerabilities this week, including one that affects iOS and macOS, as well as a string of issues that could be exploited to completely wipe and reformat a video card on a popular WiFi-enabled camera. 

Cybersecurity week in review
Two critical vulnerabilities in Linux servers could allow attackers to execute remote code as root on targeted environments. The issues reside in Control Web Panel (CWP) – a popular web hosting management software used by hundreds of thousands of servers across the globe.Apple released a slew of security updates across its products, including new versions of iOS 15 and

Read More: http://blog.talosintelligence.com/2022/01/threat-source-newsletter-jan-27-2022.html