{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

04/06/2020
linkedin facebook twitter instagram
WorkScoop
The Small Business Administration admits it may have exposed some loan applicants' personal data. A Chinese company blames DarkHotel for a spy campaign, but questions linger. And Zoom's success is starting to catch up to them. This is CyberScoop for Monday, April 6.

A new pandemic-related headache

As the Small Business Administration was preparing to ramp up its lending to entrepreneurs hobbled by coronavirus-related shutdowns, a “limited number” of loan applicants may have had their personally identifiable information exposed to others, an SBA spokeswoman told CyberScoop over the weekend. The agency is in the process of notifying affected people and offering them a year of free credit monitoring. Small businesses reeling from disruptions caused by the pandemic have turned to SBA’s economic disaster loan program. which offers to $2 million in lending per business. That raises the stakes for protecting loan applicants’ security and privacy. Sean Lyngaas had the story.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


The latest DarkHotel mystery

A well-resourced hacking group with possible ties to South Korea has launched an apparent espionage campaign against the Chinese government as international governments grapple with the COVID-19 pandemic, according to a Chinese security firm. The group, DarkHotel, compromised more than 200 virtual private network servers to infiltrate “many” Chinese institutions and government agencies, Qihoo 360 said in a report. The timing of the attack coincides with instructions from the Chinese government forcing citizens to work from home in order to mitigate COVID-19’s spread. Outside security researchers with experience chasing nation-state hacking groups immediately questioned whether Qihoo 360 could be sure that the DarkHotel group could be behind the campaign. Jeff Stone broke it down.


Zoom shares take a hit amid privacy concerns

Wall Street is starting to question whether Zoom can keep up with its own exponential growth. Shares of the company behind the videoconferencing app fell by 9% when markets opened Monday, even after the number of daily users hit 200 million, up from 10 million in early March. The stock drop came after a tough week at Zoom, with security researchers finding vulnerabilities in the company's systems and the revelation that the company relies on flawed encryption linked to China. "Encryption concerns have already caused some high profile customers to curtail Zoom usage, and we expect others could follow through the majority of organizations likely have no issue," Credit Suisse said in an analysts' note. Reuters covered the news.


The good kind of iPhone hack

The bug bounty program that Apple famously expanded last year is paying off for Ryan Pickren. The young security researcher strung together a chain of exploits to show Apple engineers how he managed to hack the iPhone camera and its microphone. The victim would only need to visit a malicious website on the Safari browser; no link-clinking required. It’s the kind of capability that a spyware vendor would drool over. Apple has issued software patches. Sean had the report.


Mapping out zero-day buyers

It’s not just the cyber powers of world — the U.S., China, and Russia — that are deploying top-shelf hacking tools, but a lot of others who can afford them, security firm FireEye said Monday. The company’s map of zero-day exploits shows how hacking groups in countries from Uzbekistan to the United Arab Emirates are buying up exploits sold by vendors like NSO Group. Private companies may be increasingly selling hacking tools to unskilled groups who burn through them, making zero-day usage easier to track, FireEye said. Find the map here.


Tweet Of The Day

Image

Whatever. Nothin' but time nowadays.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}