SecurityWeek’s weekly roundup condenses noteworthy but smaller cybersecurity stories into a single briefing covering acquisitions, legal settlements, threat disruptions, policy updates, and technical guidance. This week’s highlights include Mitsubishi Electric’s acquisition of Nozomi Networks, a fresh phishing wave targeting LastPass users, CISA’s RSA withdrawal and post-quantum cryptography guidance, the alleged upload of sensitive files to ChatGPT, Google’s $68 million voice-recording settlement, the FBI seizure of RAMP, and a report that hosting providers block only a minority of vulnerability attacks. #NozomiNetworks #LastPass
Keypoints
- Mitsubishi Electric completed its acquisition of Nozomi Networks, which will operate as a wholly owned subsidiary.
- LastPass detected a new backup-themed phishing wave after disrupting the attackers’ initial infrastructure and coordinating takedowns.
- CISA withdrew from the RSA Conference amid leadership changes, issued guidance on post-quantum cryptography adoption, and is reviewing an incident involving the upload of sensitive files to ChatGPT.
- Law enforcement seized the RAMP cybercrime forum, and Dallas County, Iowa, settled for $600,000 with researchers arrested during a state-authorized penetration test.
- Google settled a $68 million voice-recording privacy lawsuit, Apple updated its Platform Security guide, and a PatchStack report found most vulnerability attacks are not blocked by hosting providers.