I have the pleasure of presenting an advanced session on cybersecurity to tax preparers at the IRS’ National Tax Preparers Forum each year. The sessions are well attended, and I enjoy meeting attendees and talking about the craziness of new techniques threat actors are using to attack small businesses. This year was no exception.

One

In a 3-2 vote, the Securities and Exchange Commission (SEC) adopted new cybersecurity rules yesterday (July 26, 2023) applicable to public companies.

The rules, which will become effective thirty days after publication in the Federal Register, require public companies to “disclose material cybersecurity incidents they experience and to disclose on an annual basis material information

According to cybersecurity researchers at Bishop Fox, “hundreds of thousands” of FortiGate firewalls have not been patched against a known vulnerability and are at risk of being attacked by threat actors exploiting it.

TechRadar is reporting that the firewalls are vulnerable to CVE-2023-27997, and a patch has been issued by Fortinet to address

Researchers at cybersecurity firm WithSecure have seen two malware attacks against Veeam Backup and Replication servers believed to be initiated by cybercrime group FIN7, also known as Carbon Spider, which has also been linked to Darkside, BlackMatter, and BlackCat/ALPHV ransomware variants.

The WithSecure investigators believe that the attacks may be part of a larger campaign

The Foundation for Defense of Democracies issued a report late last week entitled “Time to Designate Space Systems as Critical Infrastructure,” which cogently outlines the risks associated with space systems (which are basically the same as those of any other electronic system) in order to designate space systems as the seventeenth critical infrastructure sector.

Space systems are

Russia-linked ransomware gang Clop has claimed that it has attacked over 130 organizations since late January, using a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, and was successful in stealing data from those organizations. The vulnerability is CVE-2023-0669, which allows attackers to achieve remote code execution.

The manufacturer of GoAnywhere MFT notified