Here in Massachusetts, it’s been raining for nearly three weeks. Looking at the weather report each day has felt akin to reading the cybersecurity news headlines. What’s with all the gloom and doom? The reality, though, is what I’ve experienced in my little corner of the globe is not the shared experiences of everyone else in the world. Sometimes—especially when the weather is icky or when a misconfiguration causes a data leak, it’s easy to forget that there is a lot to appreciate and celebrate in our lives and our work.
Avast is likely bubbling with excitement as it is engaging in merger talks with NortonLifeLock. Arctic Wolf also has much to celebrate, with another $150 million bringing its total valuation to $4.3 billion, and Microsoft agreed to acquire RiskIQ. We can all applaud the news that cybersecurity companies are joining forces to “create a cybersecurity first responder credentialing program designed to support both large and small organizations dealing with cyber incidents,” according to ZDNet. This week’s news that the Senate unanimously approved Jen Easterly as the new CISA Director commemorates a major milestone. In the spirit of resilience and transformation, CISA issued guidance and resources to help stop ransomware as many organizations struggle to recover from recent ransomware attacks. Additionally, Politico reported, “The White House has formed a previously unannounced cross-government task force to coordinate a series of defensive and offensive measures against ransomware.” Onward and upward!
So, dear readers, let this serve as a reminder that when you actively seek good, you can find it. Now let’s take a look at what else made industry headlines this week.
July 16: CNBC reported, “Shares of Didi plunged in U.S. pre-market trade on Friday after officials from seven Chinese government departments visited the ride-hailing giant’s offices to conduct a cybersecurity review.”
July 15: A new cybersecurity bill spearheaded by Mark Warner, Chairman of the Senate Intelligence Committee, has received bipartisan support.
July 15: Security researchers have identified a number of phishing campaigns targeting Coinbase users.
July 14: The US Department of Justice reported, “A Wisconsin man was sentenced today to 36 months in prison for fraudulently seeking over $600,000 in Paycheck Protection Program (PPP) loans guaranteed by the Small Business Administration (SBA) under the Coronavirus Aid, Relief, and Economic Security (CARES) Act.”
July 14: Gizmodo reported, “Facebook announced on Tuesday that it plans to roll out new measures aimed at curbing the spread of fake news by allowing group administrators to appoint designated ‘experts’ in their spaces.”
July 14: “Microsoft on Tuesday released patches for four zero-day vulnerabilities that are being exploited in the wild,” Healthcare Info Security reported.
July 13: Infosecurity Magazine was the victim of a sustained DDoS attack that it continues to work to remediate.
July 13: The Russian-speaking hacking group REvil reportedly went dark though the cause of the outages was not clear.
July 13: “A critical remote code-execution (RCE) vulnerability in Schneider Electric programmable logic controllers (PLCs) has come to light, which allows unauthenticated cyberattackers to gain root-level control over PLCs used in manufacturing, building automation, healthcare and enterprise environments,” Threatpost reported.July 12: After completing an investigation of a cybersecurity incident that occurred in February, fashion retailer Guess alerted its customers of a data breach in which an unauthorized user may have accessed their personal information.