{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

10/10/2019
linkedin facebook twitter instagram
WorkScoop
The Department of Homeland Security's cyber outfit is trying to improve its ability to report vulnerabilities. Amnesty International detects a long spyware campaign in Morocco. And Gen. Paul Nakasone's uncensored talk on Hong Kong. This is CyberScoop for Thursday, October 10.

DHS makes a power move

DHS’s Cybersecurity and Infrastructure Security Agency asked Congress for the authority to subpoena internet service providers for the contact information of critical infrastructure companies that may be vulnerable to hacking. This comes amid DHS officials' frustration that the law prevents them from directly contacting those assets owners, having to go through a third-party instead. A key focus of any new administrative subpoena power would be industrial control systems. ICS technology has "potential vulnerabilities that are accessible from the public internet,” CISA’s Jeanette Manfra said Wednesday. A House Homeland Security Committee aide told CyberScoop that any changes to the law would have to come with assurances that the “proper privacy measures are in place.” Sean Lyngaas has the report.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


Pegasus strikes journalist, human rights attorney in Morocco

Hackers potentially working on behalf of a foreign government have targeted Moroccan human rights advocates with malicious software built by NSO Group, a controversial spyware vendor, according to Amnesty International. Since 2017, journalist Maati Monib and Abdessadak El Bouchattaoui, an attorney, repeatedly have received malicious links and browser redirections that, if trusted, would install the Pegasus malware. It’s the latest allegation that NSO Group provided Pegasus to a customer that used it for more than combating terrorism and crime. The software allows attackers to take almost total control of an affected phone. Human Rights Watch has documented a list of government efforts to obstruct reform in Morocco, including prison sentences for people who have “harmed” the monarchy there or insulted Islam. Jeff Stone has more details.


NSA boss has a thing or two to say on Hong Kong

National Security Agency Director Gen. Paul Nakasone on Wednesday criticized the Chinese government’s recent efforts to spread disinformation about protests in Hong Kong focused on a controversial Chinese law. Nakasone delivered his remarks at FireEye’s Cyber Defense Summit in Washington, D.C., noting: “the Chinese government has subverted pro-democratic demonstrators with fake social media posts, providing us a snapshot of how Beijing weaponizes information.” In recent months Google, Twitter and Facebook caught China spreading propaganda denigrating protesters and applauding police. Shannon Vavra has the rundown.


Proposed rule change could help secure the medical supply chain

The Department of Health and Human Services on Wednesday suggested changing federal regulations to make it easier for health care organizations with bigger budgets to provide cybersecurity assistance to cash-strapped ones. The idea concerns the interpretation of two laws — the so-called “Stark Law” the Federal Anti-Kickback Statute — that are designed to guard against fraud and abuse, but which some say are overly broad to the point of barring much-need cybersecurity services for small clinics. If the change goes through, a local hospital could donate free cybersecurity software to each doctor that refers patients to the hospital, the HHS said. Read the details.


DHS chief visits the cyber shop

Acting Homeland Security Secretary Kevin McAleenan on Wednesday visited DHS’s new Cyber Lab, a facility for malware analysis and attack simulations, where he declared cybersecurity and election security “one of my top three priorities.” In remarks to DHS personnel and the press, McAleenan emphasized CISA’s work on election security and industrial control systems. “[W]e now have a government facility that looks like it would fit in out in the tech community,” he said. Since taking over as acting secretary in April for the cybersecurity-minded Kirstjen Nielsen, McAleenan has predictably been absorbed by President Donald Trump’s hardline immigration agenda. He has, however, begun to speak more about cybersecurity in recent weeks. One CISA analyst gave McAleenan a demo of CISA’s red-team services via a phishing-based intrusion of a system, while another simulated an attack on a miniature pipeline. Sean Lyngaas was on hand for the visit.


Tweet Of The Day

Image

Nothing to see here.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}