Connect with us

Hi, what are you looking for?


Cybersecurity Funding

In Other News: Funding Increase, Abuse of Smartphone Location Data, Legal Matters

Noteworthy stories that might have slipped under the radar: cybersecurity funding increases, new laws, and government’s illegal use of smartphone location data.

Cybersecurity News tidbits

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.

Here are this week’s stories:  

US agencies illegally used smartphone location data

A report made public recently by the DHS Inspector General reveals that the Secret Service, Customs and Border Enforcement (CBP) and Immigration and Customs Enforcement (ICE) have illegally used smartphone location data acquired from third-party vendors that collected it through various innocent-looking applications, in many cases without the user’s knowledge or consent. 

Summary of cyberattacks targeting major industrial organizations

Kaspersky provides a summary of the most important cybersecurity incidents impacting industrial organizations in the first half of 2023. The incidents include ransomware attacks, data theft and other types of attacks. 

Advertisement. Scroll to continue reading.

Estes Express suffers disruptions due to cyberattack

American freight transportation company Estes Express has suffered an IT infrastructure outage due to a cyberattack. Little information is known, but the firm may have been targeted in a ransomware attack. 

Virginia Tech receives $10 million DoD award for sensing and cyber research

The Virginia Tech College of Engineering has received a $10 million DoD award for research in the fields of cyber and sensing. The money will be used for a Sensing and Cyber Center of Excellence whose research could benefit both military and commercial applications. 

Experts respond to EU’s Cyber Resilience Act

Experts have written a joint letter in response to the proposed EU Cyber Resilience Act (CRA), warning that “the current provisions on vulnerability disclosure are counterproductive and will create new threats that undermine the security of digital products and the individuals who use them”.

House passes bill on educational requirements for federal cybersecurity workforce

The US House of Representatives has passed a bipartisan bill called the ‘Modernizing the Acquisition of Cybersecurity Experts Act’, or MACE Act, which seeks to relax education requirements for government cybersecurity jobs. 

Court orders CISA to limit certain interactions with social media companies

A US appeals court has ordered the cybersecurity agency CISA to refrain from coercing or significantly encouraging social media companies to remove or reduce the spread of certain posts. The decision is related to CISA’s previous efforts to protect elections from online misinformation campaigns.  

Firefox 118 brings Encrypted Client Hello (ECH)

Mozilla has turned on Encrypted Client Hello (ECH) in Firefox 118, to address a security gap in TLS, by encrypting the initial handshake message to make it more difficult for threat actors to identify the website a user connects to. Relying on DNS over HTTPS (DoH), ECH was initially introduced in Firefox 85, but also needs adoption among website operators to provide improved protections to all users. 

AWS pushing mandatory MFA

Amazon Web Services said the use of multi-factor authentication (MFA) will be required starting in mid-2024. The cloud infrastructure giant said that when the enforcement kicks in, customers “signing in to the AWS Management Console with the root user of an AWS Organizations management account will be required to enable MFA to proceed.” The initiative will be expanded throughout 2024 to additional scenarios including standalone accounts.

High-severity vulnerabilities in ConnectedIO’s ER2000 edge routers

Claroty has shared information on the impact of several high-severity vulnerabilities in ConnectedIO’s ER2000 edge routers, which also affect the cloud-based device management platform and the communication protocol between the device and the platform. The issues could lead to remote code execution, information leaks, and potential full compromise of the cloud infrastructure. 

Sale of Forcepoint’s G2CI business to TPG complete

TPG has completed the acquisition of Forcepoint’s Global Governments and Critical Infrastructure (G2CI) cybersecurity business. As a result of the deal, Forcepoint’s G2CI has become an independent company. Sean Berg, former president of the G2CI business, has been named CEO of the new firm. Francisco Partners maintains ownership of Forcepoint’s remaining commercial business and a minority stake in Forcepoint G2CI.

Cybersecurity funding rises in Q3 2023

Pinpoint Search Group reported that Q3 2023 saw a 21% increase in cybersecurity funding compared to the same quarter of 2022. The total funding was $2.3 billion in Q3 2023. In addition, the 261 investment rounds recorded through the third quarter surpassed the 233 rounds seen the entire year in 2022. However, the total amount invested remains roughly 38% behind the total funding documented in 2022.

Related: In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking

Related: In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

Cyber Insurance

Cyberinsurance and protection firm Boxx Insurance raises $14.4 million in a Series B funding round led by Zurich Insurance.

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to and Exchange Online.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...


Private equity giant plans to buy Forcepoint’s Global Governments and Critical Infrastructure (G2CI) business unit for $2.5 billion.