Weekly News Roundup May 18-22 2020

Posted on by Kacy Zurkus

Steve Miller Band said it best—time does keep on slippin’ into the future. Somehow we’re already halfway into 2020, and we find ourselves at the start of another Memorial Day weekend. Spring just started, and here we are at the unofficial kickoff to summer. While many of us are excited at the thought of backyard barbecues, we at RSA Conference are excited about our big announcement this week. In case you haven’t heard, the 30th anniversary of RSA Conference will take place the week of May 17, 2021, at the Moscone Center in San Francisco.

Certainly, the world at large has learned to adapt to wide-scale changes in the past few months, and in many of this week’s headlines, we saw a lot of changes that will hopefully benefit the industry. But as much as investments and research may change, vulnerabilities and risk remain largely the same. Here’s a look at what you might have missed this week.

May 22: According to news from Reuters, “Indonesia’s election commission is investigating the release of 2.3 million voters’ private information on a hacker website along with a threat to release the data of about 200 million people.”

May 21: Threatpost reported, “A series of phishing campaigns using Google Firebase storage URLs have surfaced, showing that cybercriminals continue to leverage the reputation of Google’s cloud infrastructure to dupe victims and skate by secure email gateways.”

May 21: More than 2,000 Israeli websites—most of which were hosted on uPress—were reportedly defaced by hackers who exploited a vulnerability in a WordPress plugin and left an anti-Israeli message along with malicious code asking for access to users’ webcams.

May 20: Two cybersecurity experts identified multiple security risks in the contact-tracing app being trialed by the UK government.

May 20: Led by Valor Equity Partners, the Series C round of funding for Coalition, a San Francisco-based cybersecurity insurance startup, raised $90 million.

May 20: “The U.S. Department of Energy (DOE) announced the selection of the University of Texas – San Antonio to lead the Cybersecurity Manufacturing Innovation Institute (CyManII), a public-private consortium to bolster U.S. manufacturing competitiveness, energy efficiency, and innovation,” according to a press release from the DOE.

May 20: According to Gov Info Security, “The Security Service of Ukraine this week arrested a hacker known as “Sanix” who allegedly sold combinations of millions of email usernames and passwords on darknet forums.”

May 19: Forcepoint released a new study of 200 senior executives, which found that more than 76% of CEOs are losing sleep “over the fear of becoming the next headline-grabbing security breach, yet less than half of them have a firm cybersecurity strategy in place,” BetaNews reported.

May 19: Verizon published its annual Data Breach Investigations Report (DBIR) report, which reportedly found that malware incidents have declined.

May 18: According to a post from CISO Magazine, researchers at “the Human-Computer Interaction Institute at Carnegie Mellon University and other researchers are bringing focus to this new scientific area of cybersecurity. As their website (www.socialcybersecurity.org) mentions, this group is leveraging insights from social psychology and other fields to develop novel interventions and strategies for nudging adoption of expert-recommended tools and practices.” 

May 18: The US Financial Crimes Enforcement Network (FinCEN) issued an alert warning financial institutions about “rising medical scams related to the COVID-19 pandemic.”

Kacy Zurkus

Senior Content Manager, RSA Conference

Hackers & Threats RSAC Insights

hackers & threats

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs