SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
US agencies illegally used smartphone location data
A report made public recently by the DHS Inspector General reveals that the Secret Service, Customs and Border Enforcement (CBP) and Immigration and Customs Enforcement (ICE) have illegally used smartphone location data acquired from third-party vendors that collected it through various innocent-looking applications, in many cases without the user’s knowledge or consent.
Summary of cyberattacks targeting major industrial organizations
Kaspersky provides a summary of the most important cybersecurity incidents impacting industrial organizations in the first half of 2023. The incidents include ransomware attacks, data theft and other types of attacks.
Estes Express suffers disruptions due to cyberattack
American freight transportation company Estes Express has suffered an IT infrastructure outage due to a cyberattack. Few details are available, but the firm may have been targeted in a ransomware attack.
Virginia Tech receives $10 million DoD award for sensing and cyber research
The Virginia Tech College of Engineering has received a $10 million DoD award for research in the fields of cyber and sensing. The money will be used for a Sensing and Cyber Center of Excellence whose research could benefit both military and commercial applications.
Experts respond to EU’s Cyber Resilience Act
Experts have written a joint letter in response to the proposed EU Cyber Resilience Act (CRA), warning that “the current provisions on vulnerability disclosure are counterproductive and will create new threats that undermine the security of digital products and the individuals who use them”.
House passes bill on educational requirements for federal cybersecurity workforce
The US House of Representatives has passed a bipartisan bill called the ‘Modernizing the Acquisition of Cybersecurity Experts Act’, or MACE Act, which seeks to relax education requirements for government cybersecurity jobs.
Court orders CISA to limit certain interactions with social media companies
A US appeals court has ordered the cybersecurity agency CISA to refrain from coercing or significantly encouraging social media companies to remove or reduce the spread of certain posts. The decision is related to CISA’s previous efforts to protect elections from online misinformation campaigns.
Firefox 118 brings Encrypted Client Hello (ECH)
Mozilla has turned on Encrypted Client Hello (ECH) in Firefox 118 to address a security gap in TLS: it encrypts the initial handshake message to make it more difficult for threat actors to identify the website a user connects to. ECH relies on DNS over HTTPS (DoH) and was initially introduced in Firefox 85, but it also needs adoption among website operators to provide improved protections to all users.
AWS pushing mandatory MFA
Amazon Web Services said the use of multi-factor authentication (MFA) will be required starting in mid-2024. The cloud infrastructure giant said that when the enforcement kicks in, customers “signing in to the AWS Management Console with the root user of an AWS Organizations management account will be required to enable MFA to proceed.” The initiative will be expanded throughout 2024 to additional scenarios including standalone accounts.
High-severity vulnerabilities in ConnectedIO’s ER2000 edge routers
Claroty has shared information on the impact of several high-severity vulnerabilities in ConnectedIO’s ER2000 edge routers, which also affect the cloud-based device management platform and the communication protocol between the device and the platform. The issues could lead to remote code execution, information leaks, and potential full compromise of the cloud infrastructure.
Sale of Forcepoint’s G2CI business to TPG complete
TPG has completed the acquisition of Forcepoint’s Global Governments and Critical Infrastructure (G2CI) cybersecurity business. As a result of the deal, Forcepoint’s G2CI has become an independent company. Sean Berg, former president of the G2CI business, has been named CEO of the new firm. Francisco Partners maintains ownership of Forcepoint’s remaining commercial business and a minority stake in Forcepoint G2CI.
Cybersecurity funding rises in Q3 2023
Pinpoint Search Group reported that Q3 2023 saw a 21% increase in cybersecurity funding compared to the same quarter of 2022. The total funding was $2.3 billion in Q3 2023. In addition, the 261 investment rounds recorded through the third quarter surpassed the 233 rounds seen in all of 2022. However, the total amount invested remains roughly 38% behind the total funding documented in 2022.