{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

08/06/2020
linkedin facebook twitter instagram
WorkScoop
DEF CON urges hackers to help improve satellite technology. The State Department offers big cash for info on foreign election meddling. And a top voting vendor publishes a vulnerability disclosure policy. This is CyberScoop for Thursday, August 6.

How DEF CON is hacking satellites

DEF CON’s aerospace village, where hackers can try their hand at hacking satellites and model airplanes has gone virtual because of the coronavirus. CyberScoop got an exclusive look at the virtual reality environment the Pentagon’s Defense Digital Service created to run some of the aerospace workshops. Participants will first be welcomed into a purple-infused virtual world adorned with floor-to-ceiling windows boasting views of fluffy cloud cover. Then, they navigate through the world by clicking on floating DEF CON skulls to cave-like “rooms” to join security challenges. Oh, and the world pays some homage to Star Wars, of course. Shannon Vavra has the first look.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


A lot of rubles for info on election hackers

U.S. Secretary of State Mike Pompeo has offered up to $10 million in rewards for the identification or location of anyone trying to interfere in elections “through certain illegal cyber activities” at the direction of a foreign government. The offer comes amid ongoing concern about meddling efforts designed to influence the U.S. election scheduled for Nov. 3. Jeff Stone explains.


Long time coming

It’s been two years since the voting equipment maker ES&S criticized the DEF CON Voting Village as gimmicky and hype-driven. Now, ES&S has solidified a policy to allow security researchers to probe their corporate networks and websites. It doesn’t cover election equipment, which is subject to other oversight. But researchers welcomed the policy as a sign of progress in their relationship with the vendors. “Hackers are going to hack, researchers are going to research, whether or not there’s a policy in place,” said ES&S’s Chris Wlaschin. Sean Lyngaas has the story.


A Bluetooth zero day

Attackers looking to steal sensitive information like contacts, call history, SMS verification codes or send fake text messages from Android devices only need to target Bluetooth protocols, according to new DBAPPSecurity research. It works by allowing attackers to disguise themselves as a trusted application, requesting permissions that allow one Bluetooth-enabled device to share data with another device, such as a headset or car’s “infotainment” system. Google is still working on a fix. Shannon has more details.


EFF's open-source project to track cell-snooping devices

Cell-tower-spoofing tech known as IMSI catchers, or Stingrays, are widely used by cops, and probably plenty of spies. But the technology for tracking such devices has lagged as cellular networks have gone from 2G to 4G and beyond, argues the Electronic Frontier Foundation. So the nonprofit this week released an open-source project called the Crocodile Hunter to track the rogue devices. If the tech works, it should get plenty of hits. Happy hunting. Sean has more.


How a sheriff on a power trip interrupted two security careers

Gary DeMurcurio and Justin Wynn, who work as penetration testers at Coalfire Labs, were charged with burglary in September 2019 after they broke into an Iowa courthouse. Unlike in a typical break-in, though, Iowa state officials had hired them to test the courthouse’s defenses, then alert the authorities about any vulnerabilities that actual thieves may try to exploit. While prosecutors eventually dropped charges against the two pen-testers, the case made national headlines and highlighted the risks that security professionals take as part of their employment. Now, DeMercurio and Wynn are breaking their silence. Jeff talks to them both.


Flaws in the same tech that enabled that blackout in Ukraine

Trend Micro researchers just revealed several vulnerabilities in protocol gateways, the small boxes that translate communications between different devices at industrial facilities. If exploited, the most critical of the bugs could allow a hacker to disable sensors for monitoring a facility’s temperature and performance. Researchers argue that vendors haven’t paid enough attention to the security of these devices, as they are less obvious a target than something like a PLC, which interacts with machinery at a facility. Sean has the context.


Tweet Of The Day

Image

Trust falls not pictured.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}