{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

03/02/2020
linkedin facebook twitter instagram
WorkScoop
A mental health professional is gathering data to try to understand how security incidents impact the cyber community's mental health. The Pentagon is learning about more vulnerabilities than ever. And a summary of our RSA. This is CyberScoop for Monday March 2.

A psychiatrist tackles infosec’s mental health stigma

In just about every industry, mental health difficulties are overlooked and under-appreciated. But in cybersecurity, “it’s even more stigmatized,” according to psychiatrist Ryan Louie. He is trying to change that by speaking out at big conferences and appealing for data. “If someone comes into your clinic saying they’ve been hacked, don’t just brush it aside,” Louie advised his fellow mental health professionals during a speech at RSA last week. “Ask them questions. Ask them cybersecurity questions.” Sean Lyngaas had the report from RSA.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


The Pentagon's vulnerability program broke a record

Outside security researchers alerted the Pentagon about more software vulnerabilities in its networks than ever before, according to statistics released by the DOD's Cyber Crime Center. Last year, vetted researchers found unpatched virtual private network endpoints just as nation-state hackers latched onto exploiting vulnerabilities in VPN technologies to steal user credentials and monitor sensitive traffic. Next, the Pentagon is working to test a possible launch of a vulnerability disclosure program for the defense industrial base. Shannon Vavra has more context.


What we learned at RSA

Team CyberScoop is back from San Francisco after a busy week at the annual RSA cybersecurity conference. We were out in force to cover how Chinese hackers respond to U.S. indictments, and spoke with FBI officials about how agents recovered some $300 million of the $3.5 billion in reported cybercrime losses last year. Meanwhile, there was plenty of new research about everything from Iranian phishing attacks to a new bug in common Wi-Fi chips. And all that came after SF Cyber Talks, where Assistant Attorney General John Demers discussed how the U.S. is trying to take legal action to deter hackers in the future. Thanks for hanging with us.


TA505 scammers spent 2019 targeting South Korea's financial sector

A gang of hackers with a long history of financially motivated attacks increased its targeting of businesses in South Korea last year, using a combination of malicious attachments and ransomware to haunt victims, according to new findings. Researchers from the Financial Security Institute, which is similar to an information sharing and analysis center for South Korea’s financial sector, said the group, TA505, appears to share tools, techniques and procedures with FIN7, a Russian-speaking group blamed for more than a billion dollars in global losses. Many of the phishing emails TA505 sent throughout South Korea included malicious Microsoft Excel documents, and often relied on the “FlawedAmmyy” malware. Jeff Stone has more details.


Anti-ransomware training lags in public sector

Are state and local government agencies really improving their abilities to fight ransomware? IBM Security reports that if you talk to the actual workers, they say their awareness of the problem is better, but the overall support for training and response isn’t where it needs to be. The company polls employees at those levels of government each year about cybersecurity matters, and more than half responded that budgets for managing incidents stayed flat in 2019. IBM Security talked to 690 public-sector workers for the report. Benjamin Freed breaks down the numbers at StateScoop.


Hawaii data privacy bill agitates advertisers

Hawaii is the latest state to propose its own data privacy law, and some provisions in the legislation are drawing attention from advertising groups that think the proposals would go too far. The Hawaii bill would mirror the California Consumer Privacy Act in requiring businesses to tell Hawaiians what data they are collecting and giving people the ability to opt out of that data-gathering. But it would go a step further in outlawing the sale of geolocation data and browsing histories without users’ explicit consent. A coalition of five trade groups claims that the geolocation provision, in particular, would “undermine the ad-supported internet.” Ben has this story, too.


Tweet Of The Day

Image

That should do it.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}