Weekly News Roundup December 7-11, 2020


Posted on by Kacy Zurkus

Of course, cybercriminals don’t wait for the holidays to victimize their targets, but they certainly do leverage important dates throughout the year to try and scam unwitting consumers. So here we are, and ’tis the season to get scammed, which is why an op-ed piece on CNBC.com is warning consumers how to protect themselves against cybercriminals who are increasing their use of e-skimming attacks.

Scammers prey on human vulnerability. Given this reality, a piece from Ashley Rose, CEO at Living Security, featured in Cybersecurity Ventures that looks at “The Evolution of Cybersecurity – Human Risk Management” feels incredibly timely. “We’ve grown so accustomed to hearing the statistics that we’re almost accepting of its inevitability. But much like the battle between Neo and Agent Smith in the classic film, “The Matrix,” inevitability (human error) isn’t as certain as it may seem to be,” Rose wrote.

The Wall Street Journal advised that organizations should be strategic in their security awareness training, warning that instilling fear might not be the best approach, as “fear can leave employees in a constant state of anxiety, which makes them unable to think clearly about threats.”

Indeed the threats are real, and this week’s reports that cybersecurity firm FireEye was the victim of a nation-state hack affirms that no company is impervious to cyberattacks.

Let’s turn to other cybersecurity events that made headlines this week.

Dec. 11: Registration for the annual CyberFirst Girls Competition sponsored by the National Cyber Security Centre is now open.

Dec. 11: Infosecurity reported, “A UK business specializing in tax relief for its clients has exposed the personal details of over 100,000 of them via a misconfigured content management system (CMS).”

Dec. 10: “An Al Jazeera anchor is alleging the crown princes of Saudi Arabia and the United Arab Emirates helped to coordinate a hack-and-leak operation intended to intimidate and disparage her,” CyberScoop reported.

Dec. 10: Pfizer and BioNTech reportedly said that documents related to its coronavirus vaccine had been accessed during a cyberattack on the European Medicines Agency (EMA) based in Amsterdam.

Dec. 9: Wired reflected on the antitrust case filed against Facebook noting, “At first blush, privacy and antitrust might seem like separate issues—two different chapters in a textbook about big tech. But the decline in Facebook’s privacy protections plays a central role in the states’ case.”

Dec. 8: Microsoft released 2020’s last batch of security updates for Windows PCs, “ending the year with a relatively light patch load,” wrote Krebs on Security.

Dec. 7: According to Threatpost, the NSA warned, “adversaries are exploiting a weeks-old bug in VMware’s Workspace One Access and VMware Identity Manager products.”

Contributors
Kacy Zurkus

Director of Content, RSAC

Hackers & Threats Privacy

hackers & threats privacy risk management security awareness data security exploit of vulnerability

View More Blogs

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community

Related Blogs