Somehow, we have reached the end of November, which came upon us all too quickly. As we prepare for the holiday shopping season, e-Merchants will be offering lots of deals, but fraudsters will be looking to exploit the trust of unsuspecting users. Before clicking on an ad that seems too good to be true, you might want to spend some time reading about how to avoid potential scams.
With the Thanksgiving holiday only days away, I wanted to highlight all the good that can be done around public policy and technology, as well as a few of the many successes the cybersecurity industry can give thanks for. The work of defenders is paying off, and the Department of Justice continues to hold cybercriminals accountable. This week, the DOJ announced that another Chinese national was indicted by a grand jury on allegations that he had conspired to commit theft of trade secrets and espionage, and a California man pleaded guilty to telemarketing conspiracy to commit both mail and wire fraud.
It’s not only law enforcement that is working to protect victims of cybercrimes. Recognizing that there are far too many victims of cyber-stalking as a result of the malicious use of tracking and monitoring apps, multiple organizations came together to form the Coalition Against Stalkerware, which launched this week.
Here’s a look at more cybersecurity news from this week’s headlines.
Nov. 22: The President and Chief Executive of a US power utility, Southern Co., told the Wall Street Journal Pro Cybersecurity that machine-based attacks against critical infrastructure could soar to upwards of trillions per day.
Nov. 21: Flashpoint analysts monitoring both closed and invite-only online communities have seen a number of threat actors discussing the ways to abuse mail-forwarding via the US Postal Service to facilitate fraud.
Nov. 20: A Monero Project user noticed that a downloaded file had been modified, revealing that the project’s official website had been compromised, Help Net Security reported.
Nov. 20: US Commerce Secretary Wilbur Ross announced that the Trump administration has started issuing licenses to nearly 300 applicants looking to do business with Huawei.
Nov. 19: The passwords and personal information of approximately 2.2 million users of cryptocurrency wallet service GateHub and gaming bot provider EpicBot were posted online after a GateHub database was compromised on the dark web.
Nov. 19: Macy’s issued a data breach notice informing customers that “an unauthorized third party,” which has been linked to Magecart, had accessed customer data, including payment card information.
Nov. 19: Researchers at Checkmarx disclosed a vulnerability in the Google camera app that also impacts “the camera apps of other smartphone vendors in the Android ecosystem—namely Samsung—presenting significant implications to hundreds-of-millions of smartphone users.”
Nov. 19: The Hill reported a strong bipartisan desire for the National Security Advisor to appoint a 5G coordinator.
Nov. 18: The National Security Agency (NSA) issued an advisory to address risk management associated with Transport Layer Security Inspection (TLSI).
Nov. 17: Nearly all Iranian citizens experienced “a near-total internet and mobile data blackout on Saturday” in what was reportedly the government’s effort to silence protestors.
Nov. 16: Merely hours after Disney+ launched, hackers had compromised user accounts and advertised the stolen information for sale in online hacking forums.