{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

04/01/2020
linkedin facebook twitter instagram
WorkScoop
Some of the American companies most susceptible to a Kremlin-backed cyberattack tested their game planning. The FBI reminds remote workers that video conferences are vulnerable. And coronavirus scams approach $5 million. This is CyberScoop for Wednesday, April 1.

What we learned from a massive grid exercise

A biennial drill involving utilities across North America simulated the malware that Russian hackers used to cut power in Ukraine in 2016. It is an example of the greater lengths that many utilities go to simulate disruptions to their networks following separate cyberattacks in Ukraine in 2015 and 2016. A report released Tuesday on lessons learned from the “GridEx” drill, which took place in November, lamented the lack of participation from supply-chain vendors. Given that advanced hacking groups, including the one behind the dangerous Trisis malware, have gone after suppliers, that aspect of the drill is particularly important. Sean Lyngaas has the story.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


FBI to remote workers: Protect your video conference

Use of Zoom and similar services has exploded in recent weeks as companies, schools, governments, and individuals increasingly turn to teleconferencing as a way to keep businesses and classrooms afloat while sheltering in pace or working from home. However the shift also represents an opportunity for attackers, as white supremacists, hackers and other trolls barge into digital meetings, a phenomenon known as “Zoombombing.” “The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language,” the bureau cautioned. Shannon Vavra breaks it down.


North Korea fires up the espionage machine again

Suspected North Korean hackers have been running a spearphishing email operation targeting people interested in North Korean refugees, according to new research from ESTsecurity, a South Korea-based security firm. The cyber-espionage group, which ESTsecurity Security Response Center researchers call Geumseong121, entices its victims into clicking links that look to be about North Korean refugees. But instead of delivering valuable information, the link points recipients to repositories that download malicious files, according to ESRC. The campaign, dubbed “Operation Spy Cloud” since it relies on cloud services, shows the hacking group returning to operations following a setback in December when Microsoft seized 50 websites used by the group in spearphishing campaigns. Shannon has the news.


Coronavirus scam complaints already hit nearly $5 million

Complaints to the Federal Trade Commission about coronavirus-related scams have more than doubled in the past week, with roughly 7,800 reports. The FTC said Tuesday that Americans have said they've lost $4.77 million, with a reported median loss of $598, from scams related to falsified travel refunds, mobile texting scams and government and business imposter scams. The agency is urging nervous Americans to learn how they can protect themselves. That guidance is here.


Small Business Administration's data protection plans are 'not effective'

An inspector general report for the government agency charged with supporting American entrepreneurs found persistent weaknesses when testing the agency's systems against the Federal Information Security Modernization Act. Of the eight areas evaluated, SBA only achieved a “managed and measurable” level — denoting effective security — in incident response. The agency reached a “consistently implemented” level in three other areas: risk management, data protection and privacy, and contingency planning. Configuration management, identity and access management, security training, and information security continuous monitoring were found at a “defined” level. Dave Nyczepir covered it at FedScoop.


Tweet Of The Day

Image

We're all heroes in our own way.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}