Weekly News Roundup December 1-6, 2019

Posted on by Kacy Zurkus

Let’s start with a big exhale. We’ve all survived another Black Friday and Cyber Monday, and by all accounts, the holiday shopping extravaganzas went off without a hitch. NBC News did report that “Up to 97 percent of all online traffic to retailer login pages this holiday shopping week comes from bots, largely operated by organized gangs of cybercriminals, according to estimates by cybersecurity firm Radware.” However, TechCrunch reported that the e-commerce industry broke another record, with a total of $9.4 billion in online sales. That speaks volumes for consumer trust.

As we creep closer toward the end of 2019, industry leaders are starting to look forward to 2020 with anticipation, particularly with thoughts of how to close the ever-widening skills gap and deal with digital innovation. This season is also a time to look back at the past 12 months and recognize all of the successes and challenges the industry has faced.

For now, though, let’s look at the events of this week, which of course involve malware, cybersecurity warnings, election security concerns and so much more!

Dec. 6: After Microsoft threat researchers analyzed a database containing billions of previously leaked login credentials, the team determined that password reuse was creating security problems across more than 44 million user accounts.

Dec. 5: The Department of Justice is offering a substantial $5 million reward for information leading to an arrest or conviction of two Russian nationals charged with hacking, bank fraud and deploying malware.

Dec. 5: Security researchers at Check Point Software unearthed what they called an “ultimate man-in-the-middle attack” using email spoofing to bamboozle victims into making a $1 million wire transfer.

Dec. 4: A security analyst inadvertently shared a session cookie, which resulted in a hacker being able to access private reports on the HackerOne platform.  

Dec. 4: The website used by New Zealand residents looking to either register or relinquish their firearms was “subject to a security lapse,” and subsequently shut down to ensure its security, according to news from ZDNet.

Dec. 3: As the holiday shopping season got underway, the FBI warned consumers that smart TVs connected to the Internet could be compromised by cybercriminals.

Dec. 2: The Indian government, looking to augment its cybersecurity policy with the development of a “National Cyber Security Strategy 2020,” issued an open call for submissions to citizens.

Dec. 2: A software glitch reportedly caused massive failures in the voting machines of a Pennsylvania county, which has given rise to the call for a nationwide paper ballot, according to the Washington Post

Dec. 2: With the California Consumer Privacy Act going into effect in January 2020, privacy regulations will continue to drive changes to cybersecurity.

Dec. 2: According to a press release from Europol, “Law enforcement authorities from 18 EU Member States … in a joint investigation with Europol … have seized over 30 506 domain names that distributed counterfeit and pirated items over the internet during operation IOS X. These included counterfeit pharmaceuticals and pirated movies, illegal television streaming, music, software, electronics, and other bogus products.”

Dec. 1: A new regulation in China requires mobile phone users to have their faces scanned when registering for new mobile services, the BBC reported.

Dec. 1: Endpoint security will continue to proliferate as part of an ongoing trend, with more businesses reportedly prioritizing “greater resiliency in their endpoint security strategies going into 2020,” Forbes reported.

Kacy Zurkus

Senior Content Manager, RSA Conference

RSAC Insights

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs