{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

06/09/2020
linkedin facebook twitter instagram
WorkScoop
Nearly 30,000 phishing messages sent to activists, corporate investment firms and other targets originated with an Indian "security" company. Voting technology with growing influence includes big flaws. And Honda cancels some production amid a possible ransomware incident. This is CyberScoop for Tuesday, June 9.

Vast hack-for-hire scheme unveiled

Since 2013, thousands of people throughout the world have been targeted with phishing emails that appeared to come from friends, co-workers, Facebook, pornography websites and other sources. In fact, the emails aimed to trick recipients into providing their username and password to BellTroX InfoTech Services, an Indian security firm that aimed to hack organizations on behalf of its clients, according to the internet watchdog group Citizen Lab. Environmental groups working on the #ExxonKnew campaign, which argued that Exxon Mobil ignored evidence of climate change for decades, were targeted “extensively,” Citizen Lab found. Jeff Stone wraps it all up.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


A major voting service is vulnerable to manipulation

An online voting platform that a handful of states are using in limited capacities this year has been found to be vulnerable to hacking that could expose or manipulate how a person’s ballot was cast without being detected either by voters or officials tallying results. The platform, OmniBallot, is scheduled to be offered by the states of Delaware and West Virginia as an option for active-duty military members, other overseas residents and voters with physical disabilities — and, in the case of Delaware, voters who are self-quarantining due to COVID-19. Benjamin Freed explains at StateScoop.


SPONSORED BY MCAFEE

New report shows an increase in cyber threats during pandemic

McAfee’s latest Cloud Adoption and Risk Report focuses on cybersecurity trends of the nation’s homebound workforce. With a significant shift of enterprises adopting cloud services, the report found that it is exposing networks to more cyberthreats, shares McAfee’s Chief Strategist, Ned Miller. “We observed a 630% increase in external cloud threats which were indicators of account takeover attempts, and data exfiltration,” he said. Hear more findings from the report.


A tough week for Honda

Three years after WannaCry shuttered a Honda plant, the Japanese automotive giant may be having a case of déjà-vu. The company has for at least 48 hours been dealing with a “disruption” to its computer network, a spokesman confirmed. Some researchers suspect the EKANS ransomware, a nascent strain that has been used in attacks on at least one other company. Honda has canceled some production as a result of this incident. Sean Lyngaas has the story.


DARPA wants hardware specialists to start hacking

The agency that had a hand in inventing the internet is taking on hardware security in a big way. The Defense Advanced Research Projects Agency announced a bug bounty that aims to cut whole classes of vulnerabilities out of computer chips and other hardware before they’re deployed in real-world systems. DARPA contracted with penetration-testing company Synack to try to get the job done. Sean is on it.


Check Point uncovered a front company

GuLoader, a piece of code that’s been used in hundreds of recent hacks, is being supported by a legally registered Italian company, Check Point researchers found. The suspicious organization seems to be called CloudEyE, and it hawks a product with the same name, while offering tutorials on storing malicious payloads in cloud drives. Beyond that, though, Check Point sleuths were able to trace one of the firm’s affiliates to code shared with GuLoader. It’s an example of the types of front companies that make up the cybercriminal ecosystem. Whoever they are, CloudEyE did not respond to a request for comment. Find more details.


An emerging app fraud technique

Researchers at White Ops say they're monitoring a fraud operation in which almost all the evidence of fraud has evaporated. The company is watching 38 beauty-focused apps with more than 20 million downloads that, until recently, included code designed to inundate user devices with advertisements. Suddenly, developers removed malicious code from the apps, and the programs typically were removed from Google's Play Store within three weeks. Researchers, of course, have a couple ideas about what's going on. Here’s the full breakdown.


Tweet Of The Day

Image

File under "Industries optimized for telecommuting."


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}