Twitter’s hack was one of the most large-scale social media attacks to date, with over 130 high-profile accounts targeted. While many social media users remain tentative about the identity of those behind the blue check handles, professionals in our industry are trying to get to the bottom of the attack. CNN Business wrote, “With the level of access they enjoyed, the hackers could have triggered a sell-off in the financial markets, issued fake policy pronouncements or disrupted entire presidential campaigns.”
We also learned this week that “Not only were Russian operatives trying to steal information about the development of a coronavirus vaccine, but it was being done by the same Russian intelligence unit that hacked into the Democratic National Committee back during the 2016 presidential election,” according to PBS and multiple news sites.
While these are both stories worth following, let’s take a look at what else happened in our industry.
July 17: Colorado State University announced a new Bachelor of Science in Cybersecurity program, which was, “developed in alignment with leading industry-recognized certifications,” Security Magazine reported.
July 17: Clearance Jobs warned that malicious actors continue to use phishing attacks to scam people into sharing their personal data, and encouraged travelers to use multi-factor authentication and refrain from clicking on links.
July 16: Federal News Network reported, “lawmakers on the Cyberspace Solarium Commission urged members of the House Oversight and Government Reform Committee to pass legislation that would bring back and strengthen the national cybersecurity coordinator position the White House scrapped two years ago.”
July 16: Arizona, Louisiana, Massachusetts and Texas are fours states that have signed on to a pilot program led by Johns Hopkins University and will be implementing Security Orchestration, Automation and Response (SOAR) tools developed by the Applied Physics Laboratory to automate “the more repetitive tasks of cybersecurity.”
July 16: Christopher Krebs, Director at the Cybersecurity and Infrastructure Security Agency (CISA), “directed agencies to apply the July 2020 Security Update for Windows Servers running DNS (CVE-2020-1350), or the temporary registry-based workaround if patching is not possible within 24 hours. The software update addresses a significant vulnerability where a remote attacker could exploit it to take control of an affected system and run arbitrary code in the context of the Local System Account.”
July 15: During a virtual event on national security hosted by The Hill, Secretary of State Mike Pompeo said he is confident that foreign adversaries will interfere in the 2020 US elections.
July 14: ZDNet reported, “The MGM Resorts 2019 data breach is much larger than initially reported, and is now believed to have impacted more than 142 million hotel guests.”
July 14: Trend Micro has teamed up with Girls in Tech to provide cybersecurity training to young women and girls across the globe.
July 13: A security researcher at Independent Security Evaluators, “uncovered several Common Vulnerabilities and Exposures or CVEs—a system used by security professionals to reference publicly known cybersecurity vulnerabilities,” Motherboard reported.