This Week in Security News – November 5th, 2021 | #computerhacking | #hacking | #education | #technology | #infosec


Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about what the future of cybercrime could potentially look like by the start of the next decade, according to Trend Micro’s Project 2030. Also, read on how a hacker stole $784k in crypto through SIM swaps.

Read on:

Ctrl+Alt+Truth. Welcome to the Future of Cybercrime

The fictional nation of New San Joban gives us the scope to bring all our possible futures together in one place. What Trend Micro describes is a future that, while plausible or even probable in many parts of the world, is not inevitable or even possible in all. By looking toward the future of technology through the eyes of highly acclaimed researchers and futurists, we enable enterprises to create a more nuanced, long-term strategic plan.

Alleged Twitter Hacker Charged with Theft of $784K in Crypto Via SIM Swaps

The US Department of Justice has indicted a suspected Twitter hacker known as ‘PlugWalkJoe’ for also stealing $784,000 worth of cryptocurrency using SIM swap attacks. These attacks are commonly made by performing social engineering and pretending to be the target, hacking into mobile carriers’ systems, or bribing employees.

Do Home Hackers Compromise Business Security?

Trend Micro’s most recent Pwn2Own competition (Fall 2021 Pwn2Own Austin) includes more IoT entries than ever. This gives us an opportunity to probe today’s largest and newest enterprise attack surface: the home office.

Biden Administration Orders Federal Agencies to Fix Hundreds of Cyber Flaws

The Biden administration issued a sweeping new order mandating that nearly all federal agencies patch hundreds of cybersecurity vulnerabilities that are considered major risks for damaging intrusions into government computer systems.

Deploy Layered Security Instantly with Azure GWLB and Trend Micro

You have a load balancer to keep your app running efficiently and you may even have security that inspects incoming traffic to detect and stop risks. But what about the pesky bad guys that slip through? Vulnerabilities are inevitable. You need proactive and reactive layered security, so on the off chance something does slide through, you have 10 additional metaphorical nets to catch it in.

QR Codes Offer Scammers Another Avenue to Circumvent Traditional Email Security

Since the COVID-19 pandemic, restaurants have been providing customers with a QR code that allows them to view a menu on their devices. According to the Better Business Bureau, the recent widespread adoption of QR codes in response to the coronavirus crisis has also resulted in cybercriminals abusing them. A recently discovered phishing campaign leveraged QR codes as a means to bypass malicious link detection mechanisms.

House Passes Bills to Shore Up Small Business Cybersecurity

The Small Business Administration (SBA) Cyber Awareness Act would require the SBA to issue a report on its cybersecurity capabilities and notify Congress in the event of a cybersecurity breach potentially compromising sensitive information. The House also passed the Small Business Development Center Cyber Training Act, which would establish a cybersecurity counseling certification program.

US Sanctions Pegasus-Maker NSO Group and 3 Others for Selling Spyware

The U.S. Commerce Department added four companies, including Israel-based spyware companies NSO Group and Candiru, to a list of entities engaging in “malicious cyber activities.” The agency said the two companies were added to the list based on evidence that “these entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.”

White House Preps Order to Clarify Top Cyber Roles in Federal Government

The Biden administration is working on an executive order that spells out the responsibilities of myriad top cybersecurity officials in the federal government, according to National Cyber Director Chris Inglis. Specifically, the idea would be to solidify the position of his office, only established by law in January, Inglis told the House Homeland Security Committee.

What do you find most shocking from the Project 2030 report? Share in the comments below or follow me on Twitter to continue the conversation: @JonLClay.


Source link