HB1297, the bill that would revise Florida’s current cybersecurity governance, is close to being approved by lawmakers following several incidents across the state, including a ransomware attack against Broward County Public Schools and the hacking of a local water treatment facility, reports StateScoop. The bill is based on a January report released by a 15-member task force and would give the Florida Digital Service more cybersecurity duties, such as creating a statewide plan that will be updated yearly, developing cybersecurity trainings for state employees and creating a 19-member Cybersecurity Advisory Council. Several state House committees have already unanimously approved the bill, while a companion legislation is being introduced to the state Senate. Lawmakers are also in the process of approving a spending plan for the 2022 fiscal year, which increases cybersecurity funding by $31.6 million. The added funding will be used to improve the state’s threat-assessment and endpoint detection tools, upgrade government websites and strengthen industrial control systems.
Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She 20 years of experience editing and reporting on technology, business and policy.
The Cybersecurity and Infrastructure Security Agency has expanded access to its Malware Next-Gen malware analysis service to organizations in the private sector months after it was offered to government and military workers, reports The Record, a news site by cybersecurity firm Recorded Future.
Malware-laced GitHub repositories using popular names and topics are being advanced by threat actors through automated updates and fraudulent stars meant to manipulate the leading software developer platform's search rankings as part of a new open-source supply chain attack, The Hacker News reports.
Several organizations across Germany have been targeted by suspected initial access broker TA547, also known as Scully Spider, with attacks using a generative artificial intelligence-based PowerShell to deliver the Rhadamanthys information-stealing malware, reports BleepingComputer.