{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

03/03/2020
linkedin facebook twitter instagram
WorkScoop
For threat intelligence researchers, breaking the law is bad for business. Facebook scrubs hundreds of accounts from Egypt and India. And Walgreens exposed prescription numbers. This is CyberScoop for Tuesday, March 3.

DOJ warns threat intel researchers to be careful

New guidance from the Department of Justice warns threat intelligence companies to avoid breaking the law when gathering data from dark web forums and suspected cybercriminals. The department’s cybersecurity unit last week published a 15-page memo meant to clarify prosecutors’ position on the collection of evidence from private companies. Researchers rely on pseudonyms to build their reputation on hacking forums, hoping to encourage other members to inadvertently reveal information about themselves or their activities. Often, threat intelligence providers will detail their findings to law enforcement, or clients trying to fend off an attack. Jeff Stone has more.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


About Facebook's latest takedown...

Facebook has removed hundreds of accounts, pages, groups and Instagram accounts originating from Indian and Egyptian marketing firms for violating policies against foreign interference. The announcement comes as part of Facebook’s plan to be more transparent about how it roots out inauthentic behavior on its platforms (this is the first in what executives said will be a series of monthly reports). But it's not the first time the Egyptian marketing firms have been caught running questionable campaigns on Facebook. And it’s a possible warning sign that identifying and removing inauthentic behavior may not be enough, researchers at the Atlantic Councils’ Digital Forensic Research Lab say. Shannon Vavra has the takeaways.


Chinese nationals ID'd in North Korean crypto hack

The Departments of Justice and Treasury charged and sanctioned two Chinese nationals Monday for laundering stolen money obtained through a North Korean government hack of a cryptocurrency exchange in 2018. Treasury has previously singled out the Lazarus Group, a collection of North Korean attackers, but this is the first time the U.S. government is formally sanctioning Chinese nationals with assisting a North Korean hack of involving cryptocurrencies, which can be especially useful in efforts to evade sanctions as they are harder to track than fiat currency. Shannon breaks it down.


SPONSORED BY DELOITTE

Reducing cybersecurity risk with public-private partnerships

The growing scale of cyberthreats adds urgency for public and private sector organizations to share cybersecurity data. While the divergent demands of government and private sector have historically made data sharing challenging, industry consortiums to catalog and share threat intelligence has proven to be a beneficial model. Additionally, the process of information sharing has been one way to build trust between organizations. Hear more insights from cybersecurity experts.


Clean up in the (online) pharmacy

For about a week in January, a bug in the app that Walgreens customers use to track prescriptions leaked sensitive customer data to other customers, the pharmacy chain revealed late last week. The data included the names of customers and the drugs they’re taking. Walgreens said it plugged the hole in the app right after it found it, and that only a “small percentage” of its customers were affected. The pharmacy giant filled over a billion prescriptions in fiscal 2019. Sean Lyngaas has the latest.


Off-the-shelf 2FA gets a thumbs-up from Army

About 1,000 people have been testing two-factor authentication for the Army, and IT officials say they are encouraged by the results and would like to expand the program. The goal is to find alternatives to the Common Access Card (CAC), the military’s hard pass for accessing networks. The pilot project involves YubiKey tokens as well as an unnamed authenticator app, and the Army says it wants to expand the use of both authentication methods. Off-the-shelf login tokens could be especially beneficial to members of the National Guard or first responders working with the military during national emergencies, officials say. Jackson Barnett has the details at FedScoop


Tweet Of The Day

Image

Does that come as a service?


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}