When I returned from RSA Conference last weekend, I received a delightful expression of gratitude from one of our Room Host volunteers. She encouraged me to rest on my laurels, but in all honestly, I’ve had a lot of sleepless nights this week. I was still riding the high of Conference. Perhaps you’ve had a similar experience—that’s it’s taken all week to settle down from all the excitement. While it’s hard to convey in writing the utter joy that so many in the community shared last week, Britta Glade and Hugh Thompson articulate the pride and excitement very well in this RSAC 2022 recap.
It's also been fun to read about different people’s top takeaways from RSA Conference 2022 throughout the week. I’d have to say my favorite quote comes from Kevin Gosschalk. In his Security Boulevard blog, Gosschalk wrote, “True to its theme ‘Transform’, the RSA Conference 2022 was able to transform the fast-moving infosec landscape with insights and information nuggets from over 300 keynotes and sessions.” I think I can speak for the whole team when I say we so appreciate this validation and love that attendees and exhibitors had such a positive experience.
As our team begins the process of planning for RSAC 2023, let’s look at what else made industry headlines this week.
Jun. 17: “A sophisticated Chinese advanced persistent threat (APT) actor exploited a critical security vulnerability in Sophos' firewall product that came to light earlier this year to infiltrate an unnamed South Asian target as part of a highly-targeted attack,” The Hacker News reported.
Jun. 16: A phishing scam targeting Facebook users began last September and has reportedly duped upwards of 10 million users into sharing their credentials.
Jun. 16: Wired’s Andy Greenberg reported that police in India allegedly used hacking tools to plant false evidence on the computers of Indian activists, and those same police then used the incriminating evidence to arrest the targets.
Jun. 16: According to Infosecurity Magazine, “Intel 471 said criminals are using insiders, including border service staff, to offer people smuggling services on the dark web. Since the start of the war, the Ukrainian government has forbidden any males of fighting age from leaving the country.”
Jun. 16: The CyberPeace Institute published an interactive platform using visualization to highlight the impact of cyberattacks on civilians in Ukraine.
Jun. 15: Because it aims to expand the use of artificial intelligence and machine learning, US Cyber Command has released a survey of machine learning requirements across the Defense Department, according to Federal News Network.
Jun. 15: “A former CIA software engineer charged with causing the biggest theft of classified information in CIA history defended himself at the start of his trial Tuesday, telling jurors he was falsely accused and the victim of a political witch hunt,” Security Week reported.
Jun. 15: At only 27 years old, Microsoft’s web browser, Internet Explorer, is retiring.
Jun. 14: CSO Online reported, “Cybersecurity professionals face immense pressure to keep businesses secure, and this stress is leading many to consider leaving the industry altogether.”
Jun. 13: “In the past year, federal prosecutors and FBI agents have increased their efforts to defeat botnets and contain malware outbreaks by directly removing malicious code from infected computers, without the knowledge or authorization of those computers’ owners,” Politico reported.
Jun. 13: The Port Swigger reported, “The French government has launched an invite-only bug bounty program for its newly launched identity authentication application, ‘France Identité’.”