It’s been a busy week here at RSA Conference, with registration opening for our Asia Pacific & Japan 2020 virtual event. While we’ve been pulling together a rich agenda for our July 15-17 event, we’ve also been engaging with industry experts to deliver ongoing educational content. This week, we had two fantastic webcasts: One with Ed Skoudis, who talked about how to get the most value out of your penetration test, and another with Ryan Louie, Sergio Caltagirone and Ann Johnson, who talked about how to stay healthy while managing change.
You can find these webcasts and more on our new Cybersecurity Knowledge page. You’ll also find the Top 5 RSA Conference Resources blog series, with insights from our RSA Conference 2020 speakers. As usual, we’re also bringing you a collection of the cybersecurity headlines you might have missed this week. Let’s take a look.
May 8: Reuters reported, “Russia’s GRU military intelligence service appears to have got hold of many emails from Chancellor Angela Merkel’s constituency office in a 2015 hack attack on Germany’s parliament, Der Spiegel magazine reported on Friday, without citing its sources.”
May 7: According to a report from State Scoop, “An audit of the Oregon State Police’s cybersecurity practices published this week found that the agency is not following basic policies widely promoted by government agencies nationwide, including active management of its hardware and software inventory and user authorization.”
May 7: Researchers at Check Point uncovered evidence of a cyber espionage campaign that they attributed to Naikon APT group, which has been targeting national governments in the Asia-Pacific region.
May 7: “Red Canary Intel is monitoring a fresh threat which they have dubbed Blue Mockingbird after seeing it carry out opportunistic attacks at multiple organizations,” Infosecurity magazine reported.
May 6: Verodin, now part of FireEye, published a blog post featuring “Women Changemakers in Cybersecurity,” a compilation of women in cybersecurity podcasters whom Brian Contos, VP of Technology Innovation at Mandiant Solutions, has interviewed over the past year.
May 6: Threatpost reported that Microsoft announced a new bug-bounty program, offering a $100,000 bounty for specific scenarios discovered in its Azure Sphere offerings. The program will begin on June 1 and run through August. Additionally, Microsoft announced that it will acquire the Israeli startup CyberX at a price tag of $165 million, reported Haaretz.
May 6: The German-based Fresenius Group, Europe’s largest private hospital operator, was hit by a ransomware attack that reportedly limited some of the company’s operations, Krebs on Security reported.
May 5: According to (FireEye) Mandiant’s annual Security Effectiveness Report, companies have increased their security spend, but attackers are still successfully infiltrating their environments without detection, ZDNet reported.
May 4: TechRepublic reported that a new survey released by Cisco found the security teams at small and mid-sized businesses are proactively threat hunting, and defending their corporate data and networks as well as their larger counterparts.
May 4: “Cybersecurity companies are spending millions of dollars on lobbying efforts in Washington, seeking to influence policy makers as they reshape privacy and security laws,” The Wall Street Journal reported.