Weekly News Roundup October 10–14, 2022

Posted on by Kacy Zurkus

There’s a strong possibility that residents in the United States could be turning the clocks back for daylight savings time in November for the final time. What does this have to do with cybersecurity? As is the case with most things, there are ripples. According to Bleeping Computer, Microsoft issued a patch that “Addresses a known issue that affects daylight saving time in Chile. This issue might affect the time and dates used for meetings, apps, tasks, services, transactions, and more.”

As for me, I’m just trying to see the light at the end of the tunnel because the RSA Conference 2023 Call for Submissions has closed, and boy, did we get a lot of submissions! It’s exciting to see so much interest, and I love reading the innovative ideas people put forth for consideration. I can’t wait to see what submissions are selected.

While April might feel months away, April is only months away. There’s much to be done in preparation for Conference, just as there is much to be done to prepare organizations to better detect and respond to cyberattacks, especially when it comes to elections.

To learn more about threat detection and incident response, explore the content available in our Library.

Now let’s take a look at what else made cybersecurity headlines this week.

Oct. 14: Security researchers at Cisco Talos cautioned that a new attack framework known as Alchimist is being used in the wild to target Windows, Linux, and macOS systems, according to Security Week.

Oct. 14: Check Point’s 2022 Mid-Year Report found that the education and research sector was the industry most targeted with cyberattacks in 2021.

Oct. 13: “The Church of Jesus Christ of Latter-day Saints announced a cyber attack earlier this year was able to access the personal data of church members, employees and others,” according to Fox 13 News.

Oct. 13: Research published by the Symantec Threat Hunter Team found that a Chinese-linked cyberespionage group, dubbed Budworm, Bronze Union, APT27, Emissary Panda, Lucky Mouse, and Temp.Hippo, had been targeting the networks of US state legislatures.

Oct. 13: The Hacker News reported, “A novel timing attack discovered against the npm’s registry API can be exploited to potentially disclose private packages used by organizations, putting developers at risk of supply chain threats.”

Oct. 12: After several US airport websites were targeted in a cyberattack, the Transportation Security Administration said it intends to issue new cybersecurity mandates for aviation systems.

Oct. 12: The Wall Street Journal reported, “Private-equity firm Vista Equity Partners has struck a deal to purchase cybersecurity provider KnowBe4 Inc. for $4.6 billion in an increasingly rare leveraged buyout as financing for such deals has become harder to secure.”

Oct. 11: “Japanese car giant Toyota has warned that nearly 300,000 customers may have had their personal data leaked after an access key was publicly available on GitHub for almost five years,” Infosecurity Magazine reported.

Oct. 10: AP News reported, “The head of Germany’s national cybersecurity agency is under scrutiny over reports of ties to Russian intelligence.”

Oct. 10: “Some of the nation’s largest airports have been targeted for cyberattacks Monday by an attacker within the Russian Federation,” according to a report from ABC News.

Kacy Zurkus

Senior Content Manager, RSA Conference

RSAC Insights

cyber espionage cyber warfare & cyber weapons threat intelligence incident response cyberattacks critical infrastructure patch vulnerability & configuration management zero day vulnerability

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs