Weekly News Roundup November 17-22, 2019


Posted on by Kacy Zurkus

Somehow, we have reached the end of November, which came upon us all too quickly. As we prepare for the holiday shopping season, e-Merchants will be offering lots of deals, but fraudsters will be looking to exploit the trust of unsuspecting users. Before clicking on an ad that seems too good to be true, you might want to spend some time reading about how to avoid potential scams

With the Thanksgiving holiday only days away, I wanted to highlight all the good that can be done around public policy and technology, as well as a few of the many successes the cybersecurity industry can give thanks for. The work of defenders is paying off, and the Department of Justice continues to hold cybercriminals accountable. This week, the DOJ announced that another Chinese national was indicted by a grand jury on allegations that he had conspired to commit theft of trade secrets and espionage, and a California man pleaded guilty to telemarketing conspiracy to commit both mail and wire fraud.

It’s not only law enforcement that is working to protect victims of cybercrimes. Recognizing that there are far too many victims of cyber-stalking as a result of the malicious use of tracking and monitoring apps, multiple organizations came together to form the Coalition Against Stalkerware, which launched this week.

Here’s a look at more cybersecurity news from this week’s headlines.

Nov. 22: The President and Chief Executive of a US power utility, Southern Co., told the Wall Street Journal Pro Cybersecurity that machine-based attacks against critical infrastructure could soar to upwards of trillions per day.

Nov. 21: Flashpoint analysts monitoring both closed and invite-only online communities have seen a number of threat actors discussing the ways to abuse mail-forwarding via the US Postal Service to facilitate fraud.

Nov. 20: A Monero Project user noticed that a downloaded file had been modified, revealing that the project’s official website had been compromised, Help Net Security reported.   

Nov. 20: US Commerce Secretary Wilbur Ross announced that the Trump administration has started issuing licenses to nearly 300 applicants looking to do business with Huawei.

Nov. 19: The passwords and personal information of approximately 2.2 million users of cryptocurrency wallet service GateHub and gaming bot provider EpicBot were posted online after a GateHub database was compromised on the dark web.

Nov. 19: Macy’s issued a data breach notice informing customers that “an unauthorized third party,” which has been linked to Magecart, had accessed customer data, including payment card information.

Nov. 19: Researchers at Checkmarx disclosed a vulnerability in the Google camera app that also impactsthe camera apps of other smartphone vendors in the Android ecosystem—namely Samsung—presenting significant implications to hundreds-of-millions of smartphone users.”

Nov. 19: The Hill reported a strong bipartisan desire for the National Security Advisor to appoint a 5G coordinator.

Nov. 18: The National Security Agency (NSA) issued an advisory to address risk management associated with Transport Layer Security Inspection (TLSI).

Nov. 17: Nearly all Iranian citizens experienced “a near-total internet and mobile data blackout on Saturday” in what was reportedly the government’s effort to silence protestors

Nov. 16: Merely hours after Disney+ launched, hackers had compromised user accounts and advertised the stolen information for sale in online hacking forums.


Contributors
Kacy Zurkus

Director of Content, RSA Conference

RSAC Insights

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community

Related Blogs