Cyberattacks consistently hit the headlines throughout the year, and they aren’t expected to slow down any time soon. While the intensity and impact change from one attack to the other, there are always a few that rank the highest in terms of size. We looked at the five biggest cyberattacks of 2022 and how they influenced users around the globe.

The customer experience at the world’s biggest banks and fintech firms is undergoing a significant change. Because of technological advancements, account users may now not only transfer money online but also log in using Identity Verification using face match technology and do a variety of operations using simply their smartphone and its front camera. Technology in this area has made things faster, easier, and safer during the last decade.

The popularity of serverless architectures continues to grow as organizations seek ease of scalability and to eliminate the need to provision and manage infrastructure. In fact, in our most recent State of Serverless report, we found that more than half of our customers have adopted serverless technologies offered by Azure, Google Cloud, and AWS.

At this year’s AWS re:Invent conference, Snyk’s VP of Product Marketing, Ravi Maira, spoke with Omar Peerzada, Cyber Security Architect at Neiman Marcus, about how his team transitioned from older security practices to a developer-first security strategy. Watch the full talk now, or keep reading for the highlights.

That’s an excerpt from the fact sheet accompanying the May 2021 Executive Order on Improving the Nation’s Cybersecurity (EO). It refers to one of seven ambitious measures in the EO: shoring up security of that notorious playground for hackers, the software supply chain. Knowing that organizations lack visibility into the components that comprise their connected assets, bad actors can have a field day exploiting vulnerabilities to penetrate networks and take control.

On the 12th of December 2022, Fortinet published an advisory regarding an actively exploited remote code execution vulnerability affecting FortiOS through the SSL VPN service. Fortinet has stated that they are aware of at least one instance where this vulnerability was successfully exploited in the wild, though other undocumented cases may exist. The threat actors leveraged the vulnerability to deploy malicious files on the filesystem of affected devices.

In recent times it has become clear to organizations that the handling of data is a very important matter, as the exposure or misuse of data are both a serious threat to an organization's financial standing and reputation, and must be accounted for in each organization's risk posture. In terms of high-profile data breaches, this year has been no different than previous years, seeing its fair share of ransomware attacks and data exposure.

The emergence of cloud computing transformed the nature of IT ecosystems and infrastructure in many beneficial ways. From cost savings to flexibility to unparalleled scalability, the cloud’s advantages are well-documented. But it’s important not to overlook the fact that migrating to the cloud introduces many new points where unauthorized hackers can try to enter and launch a cyber-attack.

A phishing attack is a fraudulent email pretending to be from a safe, familiar, or reliable source intended to induce the email recipient to reveal personal information such as financial information, personally identifiable information (PII), Passwords, or credit and bank account numbers to the writer.

Using espionage methods for commercial or financial gain is known as corporate espionage, sometimes called industrial espionage, economic espionage or corporate spying. When we think of “espionage,” we usually imagine spies from one country attempting to obtain information about another. However, many of the same techniques — and even many of the same spies — are used in both realms.