Weekly News Roundup February 7-11, 2022


Posted on by Kacy Zurkus

2021 was a record-breaking year for cybersecurity mergers and acquisitions, with more than 430 deals announced, according to a report published by Security Week. Additionally, Momentum Cyber noted in its Cybersecurity Almanac 2022 that the industry saw $77.5 billion in M&A volume and $29.3 billion in PE & VC investments last year.

As 2022 gets underway, Microsoft has its eye on Mandiant, according to a Bloomberg report earlier this week. Threats continue to grow, leaving defenders looking for the best solutions that will protect their critical assets—hence the M&As and hefty investment in startups. Yet Kelly Shortridge, Senior Principal Product Technologist at Fastly, told CyberScoop, “Because [cybersecurity] practitioners struggle to measure security outcomes, it’s very easy for a startup to claim that a bunch of problems across infosec remain unsolved by existing vendors.”

Organizations are also increasing their security spending. A recent Forrester study reportedly found that organizations will continue to increase their investments in Zero Trust-related technologies, suggesting that “68% of organizations plan to increase their zero-trust investment this year, despite reporting difficulties in obtaining funding. 36% of their total spending will be allocated to micro-segmentation projects.”

Join the RSAC 365 Virtual Seminar & Innovation Showcase: Zero Trust to hear from two companies that are innovating in the Zero Trust space. You can also explore educational content available in our Library.

Let’s look at what else made cybersecurity headlines this week.

Feb. 11: Reuters reported, “The White House is warning the chip industry to diversify its supply chain in case Russia retaliates against threatened U.S. export curbs by blocking access to key materials, people familiar with the matter said.”

Feb. 11: Apple has issued a patch for a WebKit Zero Day that has been actively exploited, allowing malicious actors to “execute arbitrary code after processing malicious web content.”

Feb. 10: Avita Health System issued a statement about a cybersecurity incident in which unauthorized activity was detected and stopped.

Feb. 10: The Hacker News reported, “French data protection regulators on Thursday found the use of Google Analytics a breach of the European Union’s General Data Protection Regulation (GDPR) laws in the country, almost a month after a similar decision was reached in Austria.”

Feb.9: Malware discovered on a cybersecurity company in Iran has caught the attention of the global community, with Bloomberg reporting the attack could be an indication that “the cyber arms race will only continue.”

Feb. 9: According to new analysis from VMWare, attackers are increasingly using malware to target Linux.

Feb. 9: Krebs on Security reported, “Russian authorities have arrested six men accused of operating some of the most active online bazaars for selling stolen payment card data. The crackdown — the second closure of major card fraud shops by Russian authorities in as many weeks.”

Feb. 8: A New York couple was arrested on charges of plotting to launder $4.5 billion in cryptocurrency.

Feb. 8: “Poland’s defense minister on Tuesday appointed an army general to head a new Cyber Defense Force to officially launch the unit’s operation,” Security Week reported.

Feb. 7: Meter, a cryptocurrency firm that provides decentralized finance infrastructure services, lost $4.4 million after hackers exploited a bridge vulnerability.

Contributors
Kacy Zurkus

Content Strategist, RSA Conference

Innovation & Startups

business continuity & disaster recovery zero trust zero day vulnerability patch vulnerability & configuration management malware secure payments & cryptocurrencies supply chain

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community