Weekly News Roundup February 1-5, 2021


Posted on by Kacy Zurkus

As towns and cities across the country and around the world continue to solve for the challenges of remote learning, Microsoft said it has seen a stark increase in the number of Business Email Compromise (BEC) attacks targeting schools. While it’s no surprise that attackers would victimize the most vulnerable, it’s encouraging to see that IBM announced a $3 million grant intended to be used to protect K-12 schools against cyberthreats.

Additionally, comforting is news from TikTok that it will not only continue to remove misinformation when identified but also will prompt new alerts if content contains potentially misleading information. In fact, combating disinformation is a priority for many in both the public and private sectors.

In other news, Reuters reported, “Suspected Chinese hackers exploited a flaw in software made by SolarWinds Corp to help break into U.S. government computers last year, … marking a new twist in a sprawling cybersecurity breach that U.S. lawmakers have labeled a national security emergency.”

Alas, the industry headlines were many, this week. Let’s take a look at some of the top news stories affecting cybersecurity.

Feb. 5: An unauthorized third party reportedly stole source code and customer data from a French cybersecurity company with government agencies among its clients.

Feb. 4: Members of a hacking group known as “OGUsers” were issued a cease and desist letter from Instagram’s parent company Facebook after it discovered the group had been exploiting the site to create usernames with handles of fewer than five letters to be resold in a secondary market, according to Bloomberg.

Feb. 4: President Biden addressed the US Department of State and promised, “the United States rolling over in the face of Russia’s aggressive action … are over,” the Independent reported.

Feb. 4: CyberScoop reported that Chinese diplomats as well as Venezuelan and Pakistani politicians have started to amplify some recent pro-Chinese government tweets from a campaign known as Spamouflage Dragon.

Feb. 4: Canada’s Office of the Privacy Commissioner ruled that the collection of facial-recognition data by New York-based Clearview AI was illegal.

Feb. 3: Joint law enforcement agencies had another successful takedown—this time of “an organized crime group involved in fraud and money laundering,” according to Europol.  

Feb. 2: “The software company SolarWinds unwittingly allowed hackers’ code into thousands of federal computers. A cybersecurity system called in-toto, which the government paid to develop but never required, might have protected against this,” ProPublica reported.

Feb. 2: According to Al Jazeera, Bangladesh purchased Israeli-made spying tools to be added to its arsenal of military intelligence tools despite the fact that trade with Israel is prohibited in Bangladesh.

Feb. 1: “A bipartisan group of senators introduced legislation on Friday aimed at helping domestic violence and stalking victims safely extricate themselves from shared phone plans that could enable their partners to spy on them,” CyberScoop reported.

Feb. 1: After initially denying a compromise, BigNox, an online gaming site in Asia, acknowledged that it had suffered a supply-chain attack that impacted the update mechanism of NoxPlayer, which is part of its product range with more than 150 million global users, We Live Security reported. 


Contributors
Kacy Zurkus

Senior Content Manager, RSA Conference

Privacy Hackers & Threats

privacy hackers & threats supply chain ransomware email security cyber warfare & cyber weapons

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community

Related Blogs