Weekly News Roundup February 28–March 3, 2022


Posted on by Kacy Zurkus

While the world continues to face uncertainties, one thing we do know for sure is that our hearts are heavy. A friend of mine wrote in a LinkedIn post, “In war, there is only one winner and no room for the loser’s truth. Only in negotiation do both sides win.” As I write this, another round of Ukraine-Russia talks is underway in Belarus. My hope is that the leaders can negotiate a resolution that will bring peace, security, and new prosperity to all those impacted by this war.

If I put on my rose-colored glasses, I can see the good that has co-existed alongside the tragedy of this week. What has been uplifting to see is the burgeoning of public-private partnerships that have come to the fore. In the spirit of partnership, Boise State University is leveraging its Cyberdome Program to offer cybersecurity help to some of Idaho’s rural communities. Additionally, the Strengthening American Cybersecurity Act was unanimously passed in the Senate on Tuesday.

You can learn more about government and private sector collaboration and enhancing cyber readiness by exploring content available in our Library.

Let’s look at what else made cybersecurity headlines this week.

Mar. 3: When it comes to the Internet of Things, some argue that the lack of basic security in IoT means that passwords are not enough to protect devices.

Mar. 3: The Daily Swig reported, “Hackers Without Borders (HWB) is a Geneva-based non-governmental organization (NGO) that is offering emergency infosec assistance to other NGOs and providers of critical services.”

Mar. 2: Kytch, the tiny startup that designed a device to remotely monitor and troubleshoot McDonald’s broken ice cream machines, has reportedly filed a lawsuit against the fast-food giant.

Mar. 2: Infosecurity Magazine reported, “Nvidia has released more details of an apparent ransomware attack on its networks, admitting that internal data has been taken.”

Mar. 2: “A hacking group with a history of phishing attacks and disinformation against NATO nations may be using compromised Ukrainian armed service member emails to target European officials tasked with managing logistics around refugees fleeing Ukraine,” CyberScoop reported.

Mar. 1: Krebs on Security offered a deep dive into the Conti Ransomware Group Diaries that were leaked on Twitter.

Mar. 1: Bleeping Computer reported, “A large-scale campaign involving over 200 phishing and scam sites has tricked users into giving their personal data to fake investments schemes impersonating genuine brands.”

Mar. 1: Threatpost reported, “Malicious emails warning Microsoft users of ‘unusual sign-on activity’ from Russia are looking to capitalizing on the Ukrainian crisis.”

Feb. 28: Academics from Tel Aviv University discovered what was deemed a severe design flaw that affected about 100 million Android-based Samsung phones.

Feb. 28: Sweden-based Axis Communications, which provides network cameras to governments and the private sector, said that its operations were recently disrupted because of an “IT-related intrusion,” Security Week reported.

Feb. 28: “U.S.-listed satellite communications firm Viasat Inc said on Monday it was investigating a suspected cyberattack that caused a partial outage in its residential broadband services in Ukraine and other European countries,” Reuters reported.

Contributors
Kacy Zurkus

Content Strategist, RSA Conference

RSAC Insights

risk management policy management ransomware Internet of Things phishing security awareness security architecture cyber warfare & cyber weapons cyberattacks

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community