Welcome reader to your CybersecurityHQ report.

Headlines

Russia’s Foreign Intelligence Service (SVR) is now accusing the United States of interfering in its upcoming presidential election, claiming that cyberattacks are being used against the online voting system to suppress voter turnout. President Putin warned that such interference would be seen as an act of aggression. The claims mirror those made by the US against Russia in 2016 and 2020.

According to the claim, the US is using American NGOs to infiltrate the Russian voting system with the help of IT experts. The SVR summarizes in their report, “With the participation of leading American IT specialists, it is planned to carry out cyber attacks on the remote electronic voting system, which will make it impossible to count the votes of a significant proportion of Russian voters.”

In the fallout of the UnitedHealth Group attack, the US government is launching an investigation into the company, its data, and its response to the February 21 incident The investigation is trying to determine if there was a breach of protected health data and to check for compliance with health privacy laws. That’s because there is a high likelihood that patient information protected by HIPAA was compromised.

HIPAA mandates that patients be notified within 60 days of their information being affected — a difficult hurdle to clear given the scope of the UnitedHealth attack in February. The full impact remains to be understood, but services are back online for now.

Red Canary's 2024 Threat Detection Report focuses on cloud account attacks, surging Mac malware, and malvertising. The report analyzes nearly 60,000 threats from over 1,000 clients' data across 161 pages, revealing a substantial increase in cloud-based attacks, notably exploiting email forwarding rules and web APIs. Human vulnerabilities are still a primary culprit, with social engineering tactics like Scattered Spider proving successful.

The long-time boogeyman of AI-deployed attacks is now a reality, but defenders maintain an edge. Meanwhile, the rise of novel approaches in malvertising remains a significant thread through the report — a must-read.

Interesting Read

A new write-up on the TikTok ban is available on Politico (courtesy of Rebecca Kern, Steven Overly, Brendan Borderlon, and Josh Sisco). The article covers the drama after the ban sailed through the House and now raises questions about who in America could afford the purchase of one of the world's most valuable tech companies. With a potential price tag reaching hundreds of billions of dollars, few companies have the financial capability, and potential buyers would face instant antitrust scrutiny.

Former Treasury Secretary Steven Mnuchin has expressed interest in assembling an investor group to acquire TikTok if the bill becomes law. However, challenges lie ahead, including Senate approval and navigating the complex acquisition process. The app's value as a wholly-owned subsidiary is challenging to determine, and any sale could face complications similar to Microsoft's failed attempt in 2020 due to valuation disagreements.

Employment Tip: Use SEO in Your Resume

More and more employers now extensively use search tools and applicant tracking systems to screen candidates. That means you essentially need to search engine optimize your resume with relevant keywords and phrases. Believe it or not, this will radically increase the likelihood of it appearing in search results — particularly important for initial applicant screening and less important later on in the process. How do you do this? Look through job postings to identify industry-specific keywords that relate to your skills, qualifications, and job titles, and strategically integrate them throughout your resume.

For the latest openings in cybersecurity careers, check CybersecurityHQ.

Stay Safe, Stay Secure.

The CybersecurityHQ Team