This Week in Security News - November 5th, 2021
This week, learn about what the future of cybercrime could potentially look like by the start of the next decade, according to Trend Micro’s Project 2030. Also, read on how a hacker stole $784k in crypto through SIM swaps.
Save to Folio
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about what the future of cybercrime could potentially look like by the start of the next decade, according to Trend Micro’s Project 2030. Also, read on how a hacker stole $784k in crypto through SIM swaps.
The fictional nation of New San Joban gives us the scope to bring all our possible futures together in one place. What Trend Micro describes is a future that, while plausible or even probable in many parts of the world, is not inevitable or even possible in all. By looking toward the future of technology through the eyes of highly acclaimed researchers and futurists, we enable enterprises to create a more nuanced, long-term strategic plan.
The US Department of Justice has indicted a suspected Twitter hacker known as 'PlugWalkJoe' for also stealing $784,000 worth of cryptocurrency using SIM swap attacks. These attacks are commonly made by performing social engineering and pretending to be the target, hacking into mobile carriers' systems, or bribing employees.
Trend Micro’s most recent Pwn2Own competition (Fall 2021 Pwn2Own Austin) includes more IoT entries than ever. This gives us an opportunity to probe today’s largest and newest enterprise attack surface: the home office.
The Biden administration issued a sweeping new order mandating that nearly all federal agencies patch hundreds of cybersecurity vulnerabilities that are considered major risks for damaging intrusions into government computer systems.
You have a load balancer to keep your app running efficiently and you may even have security that inspects incoming traffic to detect and stop risks. But what about the pesky bad guys that slip through? Vulnerabilities are inevitable. You need proactive and reactive layered security, so on the off chance something does slide through, you have 10 additional metaphorical nets to catch it in.
Since the COVID-19 pandemic, restaurants have been providing customers with a QR code that allows them to view a menu on their devices. According to the Better Business Bureau, the recent widespread adoption of QR codes in response to the coronavirus crisis has also resulted in cybercriminals abusing them. A recently discovered phishing campaign leveraged QR codes as a means to bypass malicious link detection mechanisms.
The Small Business Administration (SBA) Cyber Awareness Act would require the SBA to issue a report on its cybersecurity capabilities and notify Congress in the event of a cybersecurity breach potentially compromising sensitive information. The House also passed the Small Business Development Center Cyber Training Act, which would establish a cybersecurity counseling certification program.
The U.S. Commerce Department added four companies, including Israel-based spyware companies NSO Group and Candiru, to a list of entities engaging in "malicious cyber activities." The agency said the two companies were added to the list based on evidence that "these entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers."
The Biden administration is working on an executive order that spells out the responsibilities of myriad top cybersecurity officials in the federal government, according to National Cyber Director Chris Inglis. Specifically, the idea would be to solidify the position of his office, only established by law in January, Inglis told the House Homeland Security Committee.
What do you find most shocking from the Project 2030 report? Share in the comments below or follow me on Twitter to continue the conversation: @JonLClay.