HB1297, the bill that would revise Florida’s current cybersecurity governance, is close to being approved by lawmakers following several incidents across the state, including a ransomware attack against Broward County Public Schools and the hacking of a local water treatment facility, reports StateScoop. The bill is based on a January report released by a 15-member task force and would give the Florida Digital Service more cybersecurity duties, such as creating a statewide plan that will be updated yearly, developing cybersecurity trainings for state employees and creating a 19-member Cybersecurity Advisory Council. Several state House committees have already unanimously approved the bill, while a companion legislation is being introduced to the state Senate. Lawmakers are also in the process of approving a spending plan for the 2022 fiscal year, which increases cybersecurity funding by $31.6 million. The added funding will be used to improve the state’s threat-assessment and endpoint detection tools, upgrade government websites and strengthen industrial control systems.
Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She 20 years of experience editing and reporting on technology, business and policy.
Several rootkit-like capabilities could be obtained by threat actors through the exploitation of vulnerabilities in Windows' DOS-to-NT path conversion process, including file and process concealment and compromised prefetch file analysis, reports The Hacker News.
Open-source DevOps software project GitLab has also been impacted by the same security issue in GitHub comments that has been exploited by threat actors through Microsoft repository-linked URLs to facilitate the distribution of malware that was made to seem to originate from credible entities' official source code repositories, according to BleepingComputer.