{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

06/24/2022
linkedin facebook twitter instagram
WorkScoop
Google researchers expose a sophisticated spyware campaign. Lawmakers want to keep Americans' data from foreign adversaries. And malicious hackers continue to exploit the Log4Shell vulnerability. This is CyberScoop for June 23.

Google finds that the 'commercial spyware industry is thriving'

Google's Threat Analysis Group on Thursday revealed a sophisticated spyware operation carried out by RCS Labs, a formerly obscure spyware firm that had once been a reseller for the infamous HackingTeam. Google's research revealed that the campaign, carried out with unnamed clients, targeted victims in Italy and Kazakhstan with a malicious mobile phone provider app or, in some cases, malicious messaging apps. The company is one of 30 spyware firms Google is actively tracking, researchers said, noting that "the commercial spyware industry is thriving and growing at a significant rate" and "should be concerning to all Internet users." AJ Vicens reports.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


Lawmakers want to restrict user data sales to nations like China, Russia

A bipartisan group of senators introduced legislation Thursday that would create export controls for sensitive U.S. user data. The legislation takes aims at growing concerns about data brokers selling data like health information and military member location data to foreign adversaries. Specifically, the bill would direct the secretary of Commerce to identify which types of personal data could harm U.S. national security and designate which countries would require licenses to export to or be denied as a default. Tonya Riley has more.


Log4Shell rears its head anew

CISA and the Coast Guard warned on Thursday that state-sponsored hackers and others are continuing to exploit the Log4Shell vulnerability in VMWare Horizon and Unified Access Gateway servers. That vulnerability, to the popular open-source logging library Log4j, first came to public light in November, and alarmed CISA and security researchers for the potential to affect hundreds of millions of devices. The two agencies said Thursday that attackers are using the vulnerability "to obtain initial access to organizations that did not apply available patches or workarounds." The alert follows a Cisco Talos analysis earlier this week about an AvosLocker ransomware campaign where hackers got initial access to their target via two VMware Horizon Unified Access Gateways. Check out the alert.


Navy about to release unified cyber strategy

The Department of the Navy is currently reviewing and preparing to release an overarching cybersecurity strategy and vision statement that will shape how it operates moving forward as the modern battlespace becomes increasingly digital. Core tenets of the new governance document are “secure, survive and strike,” the Navy’s Principal Cyber Adviser Chris Cleary confirmed at an event hosted by CyberScoop and Okta on Thursday. Brandi Vincent at FedScoop has the story.


CISA releases second version of secure cloud migration guidance for agencies

The Cybersecurity and Infrastructure Security Agency released the second version of guidance on securely migrating to the cloud for agencies Thursday. The Cloud Security Technical Reference Architecture defines and clarifies considerations for shared services, cloud migration and cloud security posture management, so agencies can make implementation plans. Dave Nyczepir has more at FedScoop.


Election, law enforcement officials launch group to combat threats against voting process

A group of 32 current and former election and law-enforcement officials on Thursday announced the formation of a group aimed at tamping down threats against poll workers and voters. The new Committee for Safe and Secure Elections says it will attempt to connect local election administrators with their counterparts in police and sheriff’s departments in hopes of preventing more threats, harassment and acts of violence that’ve hounded the voting process in recent years. StateScoop's Benjamin Freed has the news.


Tweet Of The Day

Image

Farewell and good luck, Joe.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}