CyberSecurity Knuggets

Jan 20, 2024

In recent news, the US Congress is considering making the DHS Cyber Safety Review Board (CSRB) a permanent organization in the US cybersecurity space. The CSRB was established in May 2021 after the SolarWinds supply chain attack, and it’s tasked with investigating cybersecurity-related incidents that affect the US government and issuing recommendations to improve security measures across both the US public and private sectors. However, there are concerns about the effectiveness of the CSRB, with some experts pointing out issues such as the lack of subpoena powers, transparency, and independence. There are also concerns about the composition of the board, with calls for dedicated investigators rather than industry figureheads to be part of it.

In addition to this, there have been reports of DDoS attacks hitting Swiss sites and a cyberattack on Kyivstar, Ukraine’s largest mobile operator, which resulted in significant financial losses. Furthermore, there are reports of a new infostealer called Naz.API leaking millions of email addresses and passwords, posing a significant data security risk. Additionally, there are concerns about YouTube making millions of dollars from running ads on climate change disinformation videos, and French privacy watchdog CNIL has fined Yahoo’s EMEA branch for failing to comply with EU GDPR regulations. These incidents highlight the ongoing challenges and threats in the cybersecurity landscape that require immediate attention and action.

Overall, it’s clear that there are significant cybersecurity challenges that need to be addressed, from the effectiveness of cybersecurity review boards to the increasing sophistication of cyber threats and the need for better data protection measures. It’s crucial for government and industry leaders to work together to strengthen cybersecurity measures and protect sensitive data from malicious actors.

Stay Well!