Weekly News Roundup February 27–March 3, 2023


Posted by Kacy Zurkus

This week, the US, EU, and Canada joined the list of countries that have banned the use of TikTok on federally issued devices and systems. A vote by the US House Foreign Affairs Committee could also give the Biden administration even greater restrictive powers. According to Reuters, “The bill does not precisely specify how the ban would work, but gives Biden power to ban any transactions with TikTok, which in turn could prevent anyone in the United States from accessing or downloading the app on their phones.”

Meanwhile, the Russian government has reportedly banned the use of foreign messaging apps. “The services listed as part of the ban are: Discord, Microsoft Teams, Skype for Business, Snapchat, Telegram, Threema, Viber, WhatsApp and WeChat,” according to Infosecurity Magazine.

Perhaps the most noteworthy news came from the White House this week when the Biden administration released its National Cyber Strategy. One aspect of the plan “would shift the burden of cybersecurity from individuals and small businesses to organizations that are best equipped to mitigate cyber risks.” Identifying ransomware as a national security threat, the plan’s five basic pillars aim to increase collaboration between the public and private sectors and identify “offensive cyber actions against hackers and nation-states” as part of a holistic national security approach.

No doubt, the news that both Dish Network and the US Marshals Service revealed they were victims of ransomware attacks affirms the gravity of ransomware’s threat to national security.

Mar. 3: Only a day after the White House published its National Cyber Strategy, the Environmental Protection Agency released a memo requiring all states to assess the cybersecurity practices of public water systems.

Mar. 2: AP reported, “Republican senators are accusing the Biden administration of using $39 billion meant to build computer chip factories to further ‘woke’ ideas such as requiring some recipients to offer child care and encouraging the use of union labor.”

Mar. 2: Bloomberg reported that Coinbase, Galaxy Digital, and Paxos have all announced that they will “no longer accept or initiate payments” through the cryptocurrency bank Silvergate.

Mar. 2: Reuters reported, “An American computer scientist on Thursday urged the United Kingdom’s Supreme Court to rule he is entitled to patents over inventions created by his artificial intelligence system, in a landmark case about whether AI can own patent rights.”

Mar. 2: GoodRx issued a notice to its customers acknowledging that the Federal Trade Commission alleged the company had not obtained customer consent before sharing sensitive health data with third parties, including Facebook, for advertising purposes.

Mar. 1: According to The Hacker News, “A stealthy Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus has become the first publicly known malware capable of bypassing Secure Boot defenses, making it a potent threat in the cyber landscape.”

Feb. 28: Wired published a rundown of all the security flaws that were patched during the month of February, including vulnerabilities in iOS, Microsoft, Google, Firefox, and more.

Feb. 28: “As the Biden administration begins its campaign to urge Congress to renew a controversial surveillance provision that authorizes intelligence agencies to carry out warrantless data collection, it will face a skeptical Congress where distrust of government spying runs deep,” CyberScoop reported.

Feb. 27: A new report published by Recorded Future examined the impact the war in Ukraine has had on the state of cybercrime.

Feb. 27: LastPass on Monday announced that a malicious actor gained unauthorized access to an employee’s home computer and obtained a decrypted vault available to only a handful of company developers.


Contributors
Kacy Zurkus

Senior Content Manager, RSA Conference
