Weekly News Roundup December 7-11, 2020

Of course, cybercriminals don’t wait for the holidays to victimize their targets, but they certainly do leverage important dates throughout the year to try and scam unwitting consumers. So here we are, and ’tis the season to get scammed, which is why an op-ed piece on is warning consumers how to protect themselves against cybercriminals who are increasing their use of e-skimming attacks.

Scammers prey on human vulnerability. Given this reality, a piece from Ashley Rose, CEO at Living Security, featured in Cybersecurity Ventures that looks at “The Evolution of Cybersecurity – Human Risk Management” feels incredibly timely. “We’ve grown so accustomed to hearing the statistics that we’re almost accepting of its inevitability. But much like the battle between Neo and Agent Smith in the classic film, “The Matrix,” inevitability (human error) isn’t as certain as it may seem to be,” Rose wrote.

The Wall Street Journal advised that organizations should be strategic in their security awareness training, warning that instilling fear might not be the best approach, as “fear can leave employees in a constant state of anxiety, which makes them unable to think clearly about threats.”

Indeed the threats are real, and this week’s reports that cybersecurity firm FireEye was the victim of a nation-state hack affirms that no company is impervious to cyberattacks.

Let’s turn to other cybersecurity events that made headlines this week.

Dec. 11: Registration for the annual CyberFirst Girls Competition sponsored by the National Cyber Security Centre is now open.

Dec. 11: Infosecurity reported, “A UK business specializing in tax relief for its clients has exposed the personal details of over 100,000 of them via a misconfigured content management system (CMS).”

Dec. 10: “An Al Jazeera anchor is alleging the crown princes of Saudi Arabia and the United Arab Emirates helped to coordinate a hack-and-leak operation intended to intimidate and disparage her,” CyberScoop reported.

Dec. 10: Pfizer and BioNTech reportedly said that documents related to its coronavirus vaccine had been accessed during a cyberattack on the European Medicines Agency (EMA) based in Amsterdam.

Dec. 9: Wired reflected on the antitrust case filed against Facebook noting, “At first blush, privacy and antitrust might seem like separate issues—two different chapters in a textbook about big tech. But the decline in Facebook’s privacy protections plays a central role in the states’ case.”

Dec. 8: Microsoft released 2020’s last batch of security updates for Windows PCs, “ending the year with a relatively light patch load,” wrote Krebs on Security.

Dec. 7: According to Threatpost, the NSA warned, “adversaries are exploiting a weeks-old bug in VMware’s Workspace One Access and VMware Identity Manager products.”


Share With Your Community:

*** This is a Security Bloggers Network syndicated blog from RSAConference Blogs RSS Feed authored by RSAConference Blogs RSS Feed. Read the original post at: