{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

09/30/2019
linkedin facebook twitter instagram
WorkScoop
What will DHS's Cyber Storm look like in 2020? If you are into iOS jailbreaks, you probably had a good weekend. And if you are terminating an employee, you should probably revoke all their login credentials. Seems easy, and yet, here we are! This is CyberScoop for Monday, September 30.

Taking the cyber by storm

In an exclusive preview of Cyber Storm, DHS’s big cybersecurity drill with critical infrastructure firms, officials say they expect next year’s exercise to be the most rigorous test of incident response plans to date. Participants, which will include energy, finance, and communications-sector firms, will have to “bring a [hypothetical] cyber incident to resolution as quickly as possible… [to] restore some of these key services as quickly as we can,” said Brian Harrell, CISA’s assistant director for infrastructure security. There will be more of an emphasis on collaborating with state and local officials than in previous exercises, and insider threats could be in play, Harrell said. The biennial exercise, now in its seventh iteration, is an opportunity for the public and private sectors to close gaps in how they respond to a disruptive cyberattack. Sean Lyngaas has more.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


A bootrom jailbreak? In 2019?

iPhone hackers went nuts on Friday when a researcher released an “unpatchable” iOS exploit that could make any iPhone from model 4S to 11 susceptible to a permanent jailbreak. The exploit, known as “checkm8,” takes advantages of flaws in Apple’s secure boot ROM (bootrom) and allows users to remove restrictions imposed on the devices by Apple or various telecom carriers. Once used on a device, checkm8 then allows for users to downgrade their devices to previous iOS versions, run a device with a second operating system, or run custom-made firmware. Greg Otto has more.


German manufacturer hit by malware infection

A malware infection at German car-part maker Rheinmetall Automotive has caused “significant disruption” to production at plants in Brazil, Mexico and the United States, the company announced last week. Rheinmetall Group, the manufacturer’s parent company, said it expects to lose 3 to 4 million euros, or $3.28 million to $4.38 million, per week due to the incident. Shares in the company dropped early Friday on the heels of the incident. Rheinmetall Automotive, which supplies top car manufacturers with auto parts such as pistons and engine blocks, did not specify the malware deployed or the identity of the perpetrator. Manufacturers have in some cases opened up more avenues for hackers by embracing digitization in recent years, observers say. Sean has more.


A lesson in revoking credentials

A federal contractor who worked on a U.S. Army IT system for Federated IT was sentenced to two years in prison on Friday for illegally accessing his employer’s network, stealing servers and proprietary information, and causing damage that resulted in more than $1 million in losses. At the time Barrence Anthony, 40, caused the damage, Federated IT provided services to the Office of the Army‘s Chaplain Corps. According to the affidavit, Anthony accessed a corps SharePoint instance hosted on Amazon Web Services after his employment was terminated, made backup versions of the system and moved duplicates to his own AWS account. Anthony also wiped the entire system and launched nearly 40,000 brute force cyberattacks against it. Shannon Vavra has more.


Why AI could help in the industrial security space

In this op-ed, Forescout Technologies CTO Rob McNutt makes the case for AI being worked into industrial security. The same type of technology that helps give you Netflix recommendations or find an Uber or Lyft is also helping companies pinpoint bad actors, automate basic security tasks, and more. Read Rob's op-ed here.


Killing the CrowdStrike conspiracy theory

President Donald Trump’s former homeland security adviser Tom Bossert said on Sunday that he had warned Trump that a conspiracy theory which posits that Ukraine, not Russia, had interfered in the 2016 presidential elections was “completely debunked.” Bossert told ABC This Week’s George Stephanopoulos, “I am deeply frustrated with what he and the legal team is doing and repeating that debunked theory to the president. It sticks in his mind when he hears it over and over again, and for clarity here, George, let me just again repeat that it has no validity.” According to the whistleblower complaint and a White House memo, Trump pressed Ukrainian President Zelesnkiy in July to help unearth what happened during the investigation of the 2016 breach of the Democratic National Committee, conducted by CrowdStrike, the cybersecurity firm that first found Russia responsible. We have more on why Trump may have mentioned CrowdStrike in the call.


Securiosity: CrowdStrike's week in conspiracy theory hell

The president is pushing a very weird false narrative on CrowdStrike. FedEx shareholders are fighting over NotPetya, and bug bounty companies may have some workforce issues in California. In our interview, we talk with Keenan Skelly of Circadence about the gamification of cybersecurity training and how enterprises are learning to teach everyone about cybersecurity. Listen here.


Tweet Of The Day

Image

All the more proof that it's not anonymous.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}