Happy St. Patrick’s Day, dear readers. After an exciting Pi Day, we survived the Ides of March, and now it’s time to celebrate the beloved shamrock. What’s most exciting is that we are on the precipice of spring, and Mother Nature will magically give new life to all that surrounds us. This time of transformation that births a rainbow of vibrant colors is exciting, and I am looking forward to dancing with the daffodils in San Francisco next month at RSA Conference 2023.
Today, though, I’m in Denver for the WiCyS 2023 conference, where I’ll be facilitating a conversation about building the cybersecurity workforce of the future. It’s a theme that’s trending in many sessions across the agenda. In fact, today starts with several inspirational keynotes that will be followed by a session with Camille Stewart Gloster and Suzanne Neilson. These women will engage participants in an open forum on National Cyber Workforce and Education Strategy.
As is typically the case at any conference, I’m struggling to decide which session to attend for the afternoon. There’s so much rich content, but I can’t be everywhere. And even though I followed the advice RSA Conference always gives to attendees and planned out my agenda, I want to sit in on multiple sessions.
The good news is that WiCyS is recording some of the sessions, so I—like many RSAC 2023 attendees—will be able to view or listen to those that I missed. Did you miss out on RSAC 2022? Check out our Library of content for any past sessions you missed at Conference, and be sure to reserve a seat for this year’s must-see sessions.
Now let’s look at what else made cybersecurity headlines this week.
Mar. 17: London’s Metropolitan Police was cited by the Information Commissioner’s Office for “failing to properly maintain records on organized crime groups (OGCs), resulting in inaccurate information being stored on a key database,” Infosecurity Magazine reported.
Mar. 16: According to Security Week, “Critical security flaws expose Samsung’s Exynos modems to ‘Internet-to-baseband remote code execution’ attacks with no user interaction. Project Zero says an attacker only needs the victim’s phone number.”
Mar. 15: Nation-state actors have allegedly been using fake LinkedIn profiles to collect information on users, Wired reported.
Mar. 15: “Two men broke into a federal law enforcement database and a Bangladeshi police officer’s email account to conduct extortion schemes, U.S. law enforcement officials say.”
Mar. 14: Reuters reported, “Britain’s National Cyber Security Centre is reviewing whether Chinese-owned video app TikTok should be banned from government phones.”
Mar. 14: Multiple news sources reported on this week’s Patch Tuesday from Microsoft, which issued a patch for at least 80 Windows vulnerabilities, including a zero-day that has been exploited in Microsoft Outlook.
Mar. 13: According to CyberScoop, “Congressional officials believe 21 members of Congress have seen their personal information leaked online.”
Mar. 13: In the aftermath of SVB’s insolvency, some expressed concern about the future of cybersecurity investments.
Mar. 13: The FBI released its annual IC3 report, which revealed Americans lost an astounding $10.3 billion to internet scams in 2022.