Weekly News Roundup October 25-29, 2021


Posted on by Kacy Zurkus

I stood shivering in my backyard this morning, spraying pink hair paint onto my daughter’s head—the finishing touches on her fairy costume—and thought about the sheer joy that Halloween brings to children. The very act of putting on a mask, pretending to be something other than who you really are, elicits utter giddiness in children. And we reward them for it—with oodles of chocolates and candy.

A report by Market Research Future indicates that as an industry, cybersecurity is equally as enamored by the art of deception, and dominant players in the industry are earning a lot more than candy. In fact, data breaches are so rapidly driving demand for more deception technology that the market is projected to reach $4.15 billion by 2026.

Still, there is a distinct difference between deception technology and outright fraud and disinformation campaigns. Not sure what the difference is? Nina Jankowicz, Director of External Engagement at Alethea Group, suggests five books to “enhance and expand your understanding of the tools of disinformation, its adjacent harms, and the future of the threat in a way that the morning news can’t.”

We also saw some switching up this week, both of names and devices. Yes, Facebook announced it has officially changed its name to META, which served as great fodder on Twitter. But of even greater importance was news of a critical device change reported by PYMNTS.com. The online payments processing unit, Worldpay from FIS, is replacing payment terminals from PAX Global Technology. “The decision comes amid a federal investigation into PAX and a raid on the company’s Florida locations, prompting customer concerns about the security of PAX devices.”

Read more about Mobile Payment Security Trends and Opportunities and explore our Library for additional educational content available through RSA Conference.

Now, here’s a look at this week’s cybersecurity headlines.

Oct. 29: According to news from Android Community, Google will deliver its most enhanced mobile security offering with improved privacy safeguards in Android 12.

Oct. 29: “China’s top internet regulator on Friday published draft guidelines that will subject companies with more than 1 million users in the country to a security review before they can send user-related data abroad,” Reuters reported.

Oct. 28: Krebs on Security reported, “In December 2018, bling vendor Signet Jewelers fixed a weakness in their Kay Jewelers and Jared websites that exposed the order information for all of their online customers. This week, Signet subsidiary Zales.com updated its website to remediate a nearly identical customer data exposure.”

Oct. 28: As the industry faces an alleged skills gap, Microsoft announced that it is launching a national campaign to expand the cybersecurity workforce.

Oct. 28: Vice reported that Ali Nassar Abulaban—a TikTok personality known for his Skyrim IRL series, allegedly installed a listening app on his daughter’s iPad and is believed to have then murdered his wife and a man after using the app to listen in on the two victims.

Oct. 27: A UK-based 17-year old allegedly used Google ads to set up a fraudulent gift card site, through which he was able to amass $2.74 million in Bitcoin.

Oct. 27: Camille Stewart and Lauren Zabierek, Co-Founders of the #ShareTheMicInCyber campaign will be “working with New America on a diversity initiative funded by Google, Twitter, and Craig Newmark Philanthropies.”

Oct. 26: VentureBeat reported, “The nation’s online retailers, bullish on holiday sales but worried about supply chain disruptions, are increasing their investments in artificial intelligence systems to help manage operations and increase sales.”

Oct. 25: In the face of complaints about information overload during October’s Cybersecurity Awareness Month, “Lisa Plaggemier, the interim executive director of the National Cyber Security Alliance, which launched Cybersecurity Awareness Month in 2004, told StateScoop that while many of these objections are valid, the critics are missing an opportunity to contribute in constructive ways — like speaking about cybersecurity at their local grade school, for example.”

Contributors
Kacy Zurkus

Content Strategist, RSA Conference

Protecting Data & the Supply Chain Ecosystem

artificial intelligence & machine learning disinformation campaigns/fake news deception-based security phishing secure payments & cryptocurrencies security awareness fraud privacy professional development & workforce

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community