The week saw cyber threats shadow Black Friday’s $70B sales, AI reshaping banking, and Meta’s nuclear energy ambitions. ByteDance and Nvidia clashed in the U.S.-China tech war, while Australia pushed Big Tech to fund journalism. A turbulent digital landscape sets the stage for 2025.
The Pacific tech war intensifies as Trump's return to power amplifies U.S. export bans, targeting China’s AI progress. ByteDance, Nvidia's largest Chinese buyer, counters with bold strategies like crafting AI chips and expanding abroad. A fragmented 2025 looms, redefining tech and geopolitics.
Australia pushes tech giants to pay for local journalism with new laws as Meta faces a global outage, raising concerns over platform reliability. Meanwhile, Meta joins hyperscalers like Google and Amazon, exploring nuclear energy to power AI ambitions and unveils a $10B AI supercluster project.
From Scams to Espionage: Top Cybersecurity and Policy Stories You Need to Know
As Black Friday scams surge, Australians face rising threats with $500K lost to fake sites. Meanwhile, Salt Typhoon targets telecom giants in a global espionage campaign. RomCom exploits zero-day vulnerabilities on Firefox and Windows, while Trump eyes an 'AI czar' to reshape US tech policy.
Black Friday Scams Surge: A Warning for Australian Shoppers
As Australians dive into Black Friday sales, the Australian Competition and Consumer Commission (ACCC) and media outlets are urging caution against a rise in online shopping scams. Fraudsters are leveraging the shopping frenzy to exploit consumers, with nearly 3,000 fake retail websites identified this year, leading to over $500,000 in reported losses. The fashion and footwear sectors are particularly targeted, with scams disguised as legitimate brand deals to harvest personal and financial data.
Scammers are using sophisticated techniques, including paid ads to appear at the top of search results and social media promotions, to attract unsuspecting shoppers. The National Anti-Scam Centre reports over 2,760 impersonation scams in 2023, a number expected to spike during Black Friday and Cyber Monday, as Australians are predicted to spend $6.36 billion. Authorities warn that holiday stress and enticing discounts make consumers especially vulnerable.
To stay protected, shoppers are advised to verify website authenticity by typing URLs directly, check independent reviews, and be wary of unusually low prices or unusual payment requests. Using secure payment methods like credit cards or PayPal is critical. As the holiday shopping season ramps up, vigilance and proactive measures can help Australians avoid falling victim to scams.
Salt Typhoon's Sophisticated Espionage Campaign Exposed
Trend Micro has unveiled a new cyberespionage campaign by the Chinese state-sponsored group Earth Estries, also known as "Salt Typhoon", targeting Southeast Asian telecommunications companies. At the core of this operation is "GHOSTSPIDER," a highly sophisticated, multi-modular backdoor designed to load tailored modules for various purposes. Coupled with the DEMODEX rootkit, the malware facilitates long-term infiltration into critical systems, including database and cloud servers. Disturbingly, the attackers extended their reach by exploiting vendor networks, implanting the DEMODEX rootkit on contractor machines to breach the region’s primary telecom providers, indicating a well-orchestrated and multi-layered espionage effort.
Beyond telecommunications, Salt Typhoon's campaign has impacted over twenty organizations spanning the technology, consulting, chemical, transportation, and government sectors across countries such as Indonesia, Malaysia, Thailand, India, the United States, and Brazil. Victims, many of whom have been compromised for years, highlight the scale and persistence of the group's operations. The breadth of their targets and the extended duration of these intrusions underscore the strategic intent to extract sensitive data and maintain surveillance over critical infrastructure globally.
RomCom Exploits Zero-Day Vulnerabilities to Target Firefox and Windows Users
Security researchers have uncovered two zero-day vulnerabilities actively exploited by RomCom, a Russian-linked cybercrime group, to attack Firefox browser users and Windows device owners across Europe and North America. Known for executing cyberattacks on behalf of the Russian government, RomCom has also been tied to ransomware attacks, including a recent strike on Japanese tech giant Casio. The group targets entities aligned with Ukraine, demonstrating its aggressive and strategic intent.
ESET researchers revealed that RomCom leveraged these zero-day flaws to develop a sophisticated "zero-click" exploit, enabling the installation of malware without user interaction. Victims were compromised after visiting malicious websites controlled by the hackers, allowing RomCom to deploy its backdoor for full device access. The campaign impacted up to 250 victims per country, with most targets in Europe and North America. Firefox maker Mozilla patched the vulnerability on October 9, followed by Microsoft addressing the Windows flaw on November 12. Google’s Threat Analysis Group suggested the exploit may have been used in additional government-backed cyber campaigns, highlighting the growing risks of state-sponsored hacking.
Policy and Power: INTERNATIONAL
Trump Eyes 'AI Czar' Role, Plans to Overturn Biden's AI Order
Donald Trump is reportedly considering appointing an "AI czar" within the White House to oversee federal regulation and governmental use of artificial intelligence. This move is part of a broader strategy to position the United States at the forefront of emerging technologies, turning the upcoming election into a significant battleground for tech geopolitics.
In addition to creating the new role, Trump plans to overturn President Joe Biden's comprehensive AI executive order signed in October 2023. He argues that the current regulations hinder innovation by imposing excessive restrictions on the AI industry. Trump believes that a more streamlined, innovation-focused approach is necessary to maintain America's competitive edge in the global tech landscape.
Elon Musk, while not expected to assume the czar role himself, is anticipated to play a pivotal part in shaping AI policy. Alongside Vivek Ramaswamy, Musk is leading the Department of Government Efficiency (DOGE), an external group that will have substantial input on the appointment. Industry insiders express concerns that Musk could leverage his relationship with Trump to benefit his own enterprises, especially given his ownership of AI company xAI.
The potential "AI czar" could also see responsibilities merged with a "crypto czar," reflecting the administration's intent to be highly attentive to emerging technologies. This combined role would focus on mobilizing both public and private resources to maintain America's leadership in AI and cryptocurrency. Collaborating with agency chief AI officers, the czar would work to eliminate inefficiencies and prioritize innovation over regulation.
Christopher Wray resigns as FBI Director, signaling a shift under Trump. With Kash Patel as a potential successor, concerns grow over the FBI's independence and its impact on cybersecurity, financial crimes, and corporate governance.
Australia's government plans to make tech giants pay for local journalism, leveling the media playing field. Meanwhile, Meta faces global outages, sparking reliability concerns, and unveils nuclear ambitions with a $10B AI supercluster in Louisiana. Big tech is reshaping energy and media landscapes.
Chinese firms may ramp up U.S. solar panel production to offset higher tariffs anticipated under Trump's 2025 presidency. Despite policy shifts, strong U.S. solar demand drives adaptation as global clean energy competition intensifies.
Australia has passed groundbreaking legislation banning social media for teens under 16, with platforms like TikTok and Instagram facing AUD $50M fines for violations. PM Albanese calls it a win for parents, ensuring safer online spaces for kids.