Microsoft explains its data center efficiency; Bell Canada boosts its 5G edge; and Forrester predicts cloud security improvements.

While there were indications of a slowed pace in the second half of 2021, zero-day exploitation is still expanding at an elevated rate, Mandiant found.

The deal merges next-generation firewall capabilities with public cloud scalability and management.

Google Cloud's CISO wants to talk about your digital immune system; Ericsson struggles with its history of criminal activity; and Arm appointed Rene Haas as CEO.

“Protecting the runtime is the foundation of securing the inner workings of a modern application,” VMware's Tom Gillis said.

In addition to Google Cloud and early Azure support, Lacework also unveiled a new name for its core cloud security platform: Polygraph Data Platform.

Vodafone opened a facility to develop silicon for open RAN; Microsoft and Google invested in the Alpha-Omega Project; and SDxCentral's top articles from January.

The Alpha-Omega Project will look for new, undiscovered vulnerabilities in open source code and then work with project maintainers to fix them.

Plus, a bug in the Linux kernel, discovered earlier this month, leaves Kubernetes clusters and other containerized workloads open to attack.

The summit follows a series of cyberattacks including one targeting Apache’s popular Java logging library that’s used in nearly every enterprise app and cloud service.

“Operators need to verify that the patch they’ve got in hand is safe to install and did indeed come from their vendor,” aDolus CTO Eric Byres said.

Hackers are exploiting a Log4Shell vulnerability in VMware Horizon; CNCF reports adoption of serverless computing has surged among edge developers.

“Our investigation shows that successful intrusions in these campaigns led to the deployment of the Night Sky ransomware,” Microsoft noted.

Before we start speculating on how bad the bugs are going to get next year, let’s take a look back at some of the worst cyberattacks of 2021.

NaaS soared in 2021; Nvidia touted a new DPU record; and the last 12 months were plagued with vulnerabilities from SolarWinds to Log4j.

“Software has bugs — sometimes severe security bugs, with significant potential consequences,” Forrester analysts wrote.

Cloud security unicorn Wiz says more than 89% of all IT environments have vulnerable Log4j libraries.

Rakuten Symphony extends cost transparency only to its customers; the Log4j vulnerability wreaks havoc; and Rockport ditches switches in HPC environments.

“This vulnerability is so dangerous because of its massive scale,” Forrester Analyst Allie Mellen said.

Other than Aqua, only Palo Alto Networks can secure all components of the application, Aqua CEO Dror Davidoff said.

Analysts are bewildered by Ericsson’s $6.2B acquisition; sponsorship matters for women in cybersecurity; and Red Hat plans to deploy SASE across telecom infrastructure.

The high-severity vulnerability leaves Cisco's FTD and ASA firewall families open to denial-of-service attacks.

“With every Yin, there is a Yang, and while IaC increases agility, any misconfiguration can cause a security risk,” analyst Zeus Kerravala said.

Unit 42 has seen a 188% increase in cloud incident response cases, Palo Alto Networks SVP Wendi Whitmore said.