Cybersecurity Weekly: New cybersecurity laws signed, Log4Shell still targeted, LinkedIn cryptocurrency scams on the rise
Two new cybersecurity bills signed into U.S. law, Log4Shell vulnerability still being targeted, and how LinkedIn cryptocurrency scams are on the rise. All these and more in this week's edition of Cybersecurity Weekly.
1. President Biden signs cybersecurity bills into law
President Biden on Tuesday signed into law two pieces of legislation that will enhance cyber coordination with state and local governments and strengthen the federal cyber workforce, the White House announced.
2. Evolving beyond the password: It's time to up the ante
While there's an immediate need to improve MFA adoption, it's also critical to move to more advanced and secure passwordless frameworks, including biometrics.
3. Hackers are still exploiting Log4Shell vulnerability, warns CISA
CISA and US Coast Guard Cyber Command (CGCYBER) warned that nation-state hackers are still exploiting Log4Shell, specifically targeting unpatched, internet-facing VMware Horizon and Unified Access Gateway servers.
4. How properly implemented zero trust will help when it’s time for incident response
When used properly, zero trust can spare incident response teams a lot of headaches when it comes time to investigate a potential compromise.
5. LinkedIn scams are a “significant threat”, warns FBI
Digital currency fraud is a growing issue on social media, and LinkedIn is no different. In fact, according to according to Sean Ragan, the FBI’s special agent in charge of the San Francisco and Sacramento, California, field offices, cryptocurrency scams are big business on LinkedIn.