Weekly News Roundup September 22-27, 2019


Posted on by Kacy Zurkus

Each week, the headlines continue to remind us of the RSA Conference 2020 theme, Human Element. As fraud grows more prevalent, cybercriminals continue to use social engineering tactics to exploit the trust of unsuspecting users. We live in a world where US utilities firms are being targeted with spear-phishing campaigns, and municipalities are looking to the federal government to help them recover from cyberattacks.  

Earlier this week, Malwarebytes reported that nefarious threat group Emotet has resumed activity, “incorporating the news about NSA whistleblower Edward Snowden’s new book Permanent Record as a lure.” Meanwhile, the European Court of Justice ruled that the “right to be forgotten” clause of the General Data Protection Regulation (GDPR) is only applicable within the European Union (EU). A win for Google.

The pace of innovation is rapidly changing the world around us, and understanding how to safeguard digital privacy at the pace of change can feel like a full-time job. Advances in technology are impacting everything from connected trucks in the transportation sector to the offerings at institutions of higher learning.

Because staying abreast of all the headlines across verticals is becoming more challenging, here’s a look back at some of what happened this week that you should know about.

Sept. 27: A data breach at DoorDash is estimated to have impacted more than 5 million users.

Sept. 27: A security researcher reportedly created an exploit, which he describes as a “permanent unpatchable bootrom exploit” that is “possibly the biggest news in iOS jailbreak community in years,” according to Security Week.

Sept. 26: Nearly two-thirds of security professionals report that cyber-risk management in their organizations is more difficult now than it was only two years ago, according to research from ESG.

Sept. 25: An 11-year-old boy from Simpsonville, SC, was reunited with his family after the boy took his brother’s car and drove 200 miles to meet a stranger he’d connected with on Snapchat. The child had pulled up next to a Charleston police cruiser at approximately 12:30 a.m. on September 23.

Sept. 25: A new report found that AI’s ability to detect diseases from medical imaging is nearly on par with that of medical professionals.

Sept. 25: After the launch of Bakkt, Bitcoin’s price fell significantly below the $10,000 mark it’s been steadily holding for several months.

Sept. 24: According to new research from Proofpoint, more than 17 US utilities companies have been targeted with LookBack malware since April. 

Sept. 24: In conjunction with 26 other countries, the US has signed a resolution to advance responsible state behavior in cyberspace.

Sept. 24: Tortoiseshell, the threat actor that Symantec had previously identified, has attempted to victimize military veterans by creating a fraudulent job-seeking site, according to new research from Cisco Talos.

Sept. 23: While Thinkful, an online education platform, forced a password reset after suffering a data breach, Malindo Air announced findings that its recent data breach was the result of two former employees who had improperly accessed the data.  

Sept. 22: Small businesses continue to be at risk of threats from human error by not offering employees security awareness education, according to a new report, which found that less than a third of employees at SMBs said they receive annual cybersecurity training.


Contributors
Kacy Zurkus

Director of Content, RSA Conference

RSAC Insights

privacy GDPR phishing artificial intelligence & machine learning

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community

Related Blogs