Weekly News Roundup March 21–25, 2022


Posted on by Kacy Zurkus

Many a cybersecurity warning was published this week, evidence of escalating concerns that Russia is plotting cyberattacks against the United States. CISA and the FBI warned that Russian hackers may be “exploring options to conduct potential cyberattacks.” The Wall Street Journal published news that AI experts are concerned about potential attacks on the financial sector, and in a statement on the nation’s cybersecurity published by the White House, President Biden urged “our private sector partners to harden your cyber defenses immediately by implementing the best practices we have developed together over the last year.”

We also saw legislators examining the reporting and incident response steps taken by companies who were victims of REvil ransomware attacks. “In each case, REvil successfully infiltrated and encrypted the systems of the companies. All of the firms had prepared incident response plans and had notified the federal government. None of them paid the ransom,” The Record reported.

While all organizations across the public and private sectors are urged to boost their defenses, threats to US critical infrastructure remain a top concern. To learn more about making security simpler and developing an incident response plan, explore a variety of content available in the RSA Conference Library.

Here’s a look at other news that made cybersecurity headlines this week.

Mar. 25: The Cybersecurity 202 reported, “The Russian military was behind a hack of the satellite firm Viasat in the early days of the Ukraine invasion, U.S. intelligence analysts conclude, and U.K. police arrested seven people in the Lapsus$ hacking case.”

Mar. 24: A 23-year-old Russian national, Igor “Floraby” Dekhtyarchuk, alleged to have operated a dark web marketplace where cybercriminals could purchase stolen data and credentials, was indicted by the US Department of Justice.

Mar. 24: Engadget reported, “Cybersecurity researchers investigating the [Okta] attacks have traced them to a 16-year-old living with his mother near Oxford, England, according to Bloomberg.” Okta and Microsoft are reportedly not the only victims.

Mar. 23: Okta’s CSO David Bradbury said that 366 customers were impacted during the five-day window in January when hackers accessed the laptop of a third-party contractor.

Mar. 23: Together with the Cloud Security Alliance (CSA) and the Bank Policy Institute (BITS), the Cyber Risk Institute (CRI) announced the release of a collaborative cloud extension, a set of cybersecurity and cloud deployment expectations for the CRI Profile version 1.2.

Mar. 23: CSO Online reported, “Spurred by recent attacks, some U.S. states are taking action and allocating funds to boost their defenses against cyber threats.”

Mar. 22: “HP has published security advisories for three critical-severity vulnerabilities affecting hundreds of its LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models,” BleepingComputer reported.

Mar. 22: There’s potential that the Department of Defense may have more opportunities to do Zoom meetings as the videoconferencing platform received expanded authorization for Impact Level 4 (IL4) meetings.

Mar. 22: An app that has been downloaded from the Google Play Store over 100,000 times has been removed because it reportedly contains password-stealing malware.

Mar. 21: The Hacker News reported, “A novel phishing technique called browser-in-the-browser (BitB) attack can be exploited to simulate a browser window within the browser in order to spoof a legitimate domain, thereby making it possible to stage convincing phishing attacks.”

Contributors
Kacy Zurkus

Content Strategist, RSA Conference

RSAC Insights

incident response cyberattacks cloud security risk management application security mobile security critical infrastructure

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community