When you think of holidays, does March come to mind? May, July, September, November, and December stand out as the host of ‘big’ holidays, but March usually flies under the radar. While there are spiritual holidays being honored the world over this month, March is also filled with many fun non-religious or federal holidays, many of which fall during this week. On March 14, math lovers enjoyed a delicious honoring of Pi Day while Shakespeare fans guard their backs on the Ides of March.
My daughters are among the millions of people who are pulling out the shamrock décor and green beaded necklaces in celebration of St. Patrick’s Day (side note: Just the other day one was begging me to take her to McDonald’s for the Shamrock Shake), but the fast food chain made headlines today for what was reportedly a “global tech outage.”
Alas, the luck of the Irish can’t defend against today’s cyberthreats. In closing, I do hope you all enjoy a splendid weekend, dear readers, but keep this post from @reachoutit in mind as it’s sage cybersecurity advice.
Interesting in learning more about how to augment your organization’s cybersecurity strategy? Check out the array of content available in the RSAC Library or visit RSAC Marketplace where you will find a vast selection of cybersecurity vendors and service providers who can assist with your specific needs.
Now let’s take a look at what else made industry headlines this week.
March. 15: Congress voted to ban TikTok, due to concerns of data privacy and data storage. Adam Marre, CISO at Artic Wolf stated, “the platform’s capacity to covertly influence societal perceptions, coupled with its potential for exploiting the immense amount of detailed data they collect in ways detrimental to US interests, elevates the risk.”
March. 14: Security Magazine reported “Netcraft’s new research reveals that it uncovered and blocked around 13,000 fraudulent investment platform domains in January alone. These false investments platform domains were found across more than 7,000 IPs.”
March. 14: “Two companies that claimed they could help rid computers of viruses and malware agreed to pay $26 million to settle US Federal Trade Commission charges they duped consumers, particularly older adults, into buying repair services they did not need.” Reuters reported.
March. 13: Leicester city is in recovery after cyber incident that led the city council to shut down its phone lines and IT systems. Richard Sword, strategic director of city development and neighborhood services, stated, “it will take time before all systems are fully working again.”
March. 13: The US Health Department opens probe into the recent UnitedHealth hack. The US government recently opened an investigation to find out whether there was a breach of protected health data and if the company followed US health privacy law.
March. 13: The Register reported “Stanford University failed to detect ransomware intruders for four months, 27,000 individuals had data stolen, which for some included names and social security numbers.”
March. 12: “GitHub users accidentally exposed 12.8 million authentication and sensitive secrets in over 3 million public repositories during 2023, with the vast majority remaining valid after five days” Bleeping Computer reported.
March. 11: Voice phishing (vishing) scams are rising globally, with a notable case in South Korea involving $3 million loss. The sophisticated scams include impersonating regional law-enforcement officials, giving them an authority that is highly convincing.
March. 11: President Biden proposed the budget for fiscal year 2025, including $3 billion to fund the Cybersecurity and Infrastructure Security Agency (CISA) to make cyberspace more resilient and defensible.