
02/08/2021
WorkScoop
Iranian dissidents across the globe are malware victims, researchers say. Ransomware gangs probably have more connections than we thought. And the FBI leaned on a foreign ally for help in busting a botnet. This is CyberScoop for Monday, Feb. 8, 2021.

Domestic Kitten, Infy hack dissidents worldwide, researchers say

Iranian hacking groups with ties to the nation's government are hacking hundreds of dissidents around the world, researchers said. Domestic Kitten, aka APT-C-50, netted 600 victims with its "Furball" malware, said Check Point. Infy, aka Prince of Persia, wasn't as prolific in terms of victims claimed but Check Point and its research partner SafeBreach documented victims in more countries. The newly-revealed campaigns are evidence that the two groups are more active than previously realized, the companies said. Tim Starks has the news.




Ransomware strains getting too close for comfort

The number of ransomware strains that lock up systems throughout the global internet might suggest that an immeasurable number of independent hackers is plundering victims’ data. In fact, new research suggests that digital extortion specialists are more closely connected than they may appear. Researchers at Chainalysis say they have found connections that suggest collaboration between hackers who have used the Maze, Egregor, SunCrypt and DoppelPaymer hacking tools. Shannon Vavra has the details.


The FBI goes Dutch

The Dutch police were the tip of the spear in the multinational takedown of Emotet, using their hacking authorities to access the botnet’s servers. For the FBI, it was a lesson in how its foreign allies are sometimes better positioned than the bureau to make an arrest or even deploy offensive cyber-capabilities. The work isn't over, and Emotet could be back, an FBI official said in a Friday press briefing. Sean Lyngaas has more.


Alleged cryptomining scammer extradited to US from Serbia

A Serbian man faces charges in the U.S. related to a cryptocurrency mining fraud scheme and other scams that authorities say ripped off investors to the tune of more than $70 million. Serbia extradited Antonije Stojilkovic to the U.S., where he is charged with conspiracy to commit fraud and money laundering. The Justice Department said Stojilkovic and his co-conspirators advertised that their cryptocurrency mining platforms would allow investors to "purchase bitcoin at half market price!!" because of a "24-7 mining" operation at "facilities 'worldwide." Tim has this one, too.


Popular barcode scanner served up a trojan, researchers say

A barcode-scanning app with 10 million downloads in the Google Play Store was mostly innocuous until late last year, when it began carrying malware, says antivirus company Malwarebytes. The aptly named Barcode Scanner was available for years without drawing much attention, but the most recent update carried a trojan that opened devices' default web browsers — then served up ad pages — without any action by users themselves, the antivirus company says. That behavior made the malicious code more than just "adware," Malwarebytes says. It appears the problematic update came from the app's developer itself, and not a third-party ad company. Joe Warminsky explains.


FTC reaches settlement with SkyMed

The Federal Trade Commission approved a settlement with SkyMed International, Inc., an emergency travel services company, over allegations that it failed to secure customer information properly. SkyMed allegedly left 130,000 records containing patient information on an unsecured cloud database in plain text, including names, addresses and health information. The settlement will require SkyMed to notify affected customers and to establish a biennial third-party security assessment. Read the settlement here.


NIST's "171" guidance gets a followup about APTs

It's not unusual to hear government contractors refer to "171" or "800-171," the special publication by the National Institute for Standards and Technology that explains how to protect "controlled unclassified information." Now there's an "800-172" on the books — and it emphasizes ways to protect networks from advanced persistent threats (APTs). Many of the prescribed practices should already be in place for federal contractors, such as using strong passwords, multi-factor authentication and automated tracking of unauthorized users on a network. But NIST says contractors should assume that APT hacking groups are already in their systems. Jackson Barnett has more at FedScoop.



