Weekly News Roundup October 31–November 4, 2022

Posted on by Kacy Zurkus

Ransomware returned to headlines this week, with the White House hosting the Second International Counter Ransomware Initiative Summit. According to a press release, “Throughout the Summit, CRI and private sector partners discussed and developed concrete, cooperative actions to counter the spread and impact of ransomware around the globe.” The CRI established a series of initiatives, including creating an International Counter Ransomware Task Force and building stronger relationships with private-sector partners to actively share information.

While defenders were busy planning their strategies for enhancing cyber capabilities, attackers continued to target victims. A new report published by the US Treasury Department’s Financial Crimes Enforcement Network found a sharp increase in ransomware attacks in 2021. Similarly, the UK’s National Cyber Security Centre (NCSC) noted the pervasive threat of ransomware in a report released this week. Additionally, cybersecurity researchers identified a new analysis tool being used by the Black Basta ransomware operation, indicating they could be linked with another threat group dubbed FIN7.

To learn more about the most dangerous new attacks and how to prepare for cyberthreats in ICS, visit the RSAC Library, where you’ll find thousands of webcasts, podcasts, blog posts, and more.

Now let’s look at what else made cybersecurity headlines this week.

Nov. 4: “A business email compromise (BEC) group dubbed ‘Crimson Kingsnake’ has recently been spotted impersonating well-known international law firms to trick recipients into approving overdue invoice payments,” Infosecurity Magazine reported.

Nov. 3: Australia’s Cyber Security Centre reported the agency saw a 13% increase in the number of cybercrimes with attackers targeting businesses, government agencies, and citizens.

Nov. 3: The Record reported, “Jeppesen, a wholly-owned Boeing subsidiary that provides navigation and flight planning tools, confirmed on Thursday that it is dealing with a cybersecurity incident that has caused some flight disruptions.”

Nov. 3: Biometric monitoring technologies are being deployed across multiple sports stadiums around the world in advance of the 2022 World Cup.

Nov. 3: An attacker reportedly targeted a US media company with malware resulting in a supply chain attack that impacted more than 250 news sites across the country.

Nov. 2: CNN Business reported, “The US government should ban TikTok rather than come to a national security agreement with the social media app that might allow it to continue operating in the United States, according to Brendan Carr, a commissioner at the Federal Communications Commission.”

Nov. 1: CISA Director Jen Easterly asserted that the election infrastructure is well protected in advance of midterm elections and warned that normal mishaps and glitches that are not typically nefarious could be leveraged to spread disinformation related to elections.

Nov. 1: Dark Reading reported, “With the vast majority of business leaders expecting a recession in 2023, cybersecurity firms are bolstering their operations and cash flow by laying off workers.”

Oct. 31: “The Army is exploring how to use Software Bills of Material requirements in contracts, potentially putting the military department at the leading edge of federal organizations looking to use “SBOMs” to secure their software supply chains,” according to Federal News Network.

Kacy Zurkus

Senior Content Manager, RSA Conference

RSAC Insights

supply chain ransomware software integrity cyberattacks critical infrastructure security awareness biometrics disinformation campaigns/fake news security jobs

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs