{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

01/11/2022
linkedin facebook twitter instagram
WorkScoop
Jen Easterly checks in with a Log4j update. What's the real way to "impose cost" on ransomware attackers? A school website provider says it's basically cleaned up from last week's incident. This is CyberScoop for January 11.

Lack of major Log4j attacks in U.S. doesn't mean they aren't coming

There haven't been any significant Log4j-based incidents in the U.S. yet, but they could still emerge, CISA says. “We do expect Log4j to be used in intrusions well into the future,” Director Jen Easterly said Monday on a call with reporters. “There may be a lag between when this vulnerability is being used and when it is being actively deployed.” Easterly pointed to the 2017 Equifax breach, where the vulnerability was discovered months before the intrusion became public. Tim Starks has the rundown.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


Don't skip defense in favor of offense

To have real, long-term impact on ransomware, policymakers need to do more than "impose costs" on hackers with offense, writes Harvard Kennedy School’s Belfer Center Nonresident Fellow Selena Larson in an op-ed. Organizations and governments need to more actively consider the ways that defense can impose costs too: Robust, consistent and well-funded cyberdefenses cost adversaries time, effort and the likelihood of success. Defense — along with investment in mandatory cybersecurity requirements — is how we will solve the fundamental problems at the heart of the ransomware epidemic, she writes. Read the op-ed.


No data theft in attack, school website provider says

Finalsite, a company that provides web hosting services for K-12 schools and some colleges, says it has largely recovered from a ransomware incident detected last week. The company deactivated thousands of schools' sites amid the attack, and it appears that the move paid off: No data was stolen, a spokesperson said. The company says it has identified the type of ransomware that prompted the incident, but is declining to name it. StateScoop's Benjamin Freed has the story.


Changes at Signal

Signal founder Moxie Marlinspike has stepped down from his role of company CEO. Board member Brian Acton will serve as interim CEO while the encrypted messaging app company searches for someone to fill the position. Marlinspike will remain on the company’s board. "[T]he values and the mission that Signal was built on are embedded in the whole of the organization, and everyone involved is here to honor them and see them through," Marlinspike wrote. Read more.


Tweet Of The Day

Image

Web4 is gonna be so awesome.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}