{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

10/21/2019
linkedin facebook twitter instagram
WorkScoop
Microsoft talks us through an effort, years in the making, to give its security team more control over the company's (notoriously) open supply chain. There's a proactive idea to squash election-system bugs. And we hear how Twitter bots are backing Turkey's assault on the Kurds. This is CyberScoop for Monday, October 21.

Microsoft wondered 'how the hell' to replicate iPhone security in its PCs

Microsoft is pushing an initiative meant to protect its computers’ most sensitive data amid recent revelations that nation-state hackers are beginning to exploit the fragmented nature of the company’s supply chain. The company on Monday started pushing Secured-core PCs, its term for machines that will come with Windows 10, Microsoft’s latest PC operating system; Windows Hello, which allows users to log in without a password; and, most importantly, silicon microchips built by Intel, Qualcomm and AMD that are meant to more closely guard sensitive data. By ensuring that PCs are loading legitimate Windows operating systems when a devices activate, the plan goes, Microsoft will ensure that users aren’t actually loading a malicious OS inserted by an outsider. Jeff Stone walks you through what's going on.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


Speaking of Microsoft...

While voting equipment vendors have yet to embrace bug bounty programs, Microsoft has established one for its open-source voting software. The company said Friday that researchers can earn up to $15,000 for finding “high-impact vulnerabilities in targeted areas” of the ElectionGuard software that Redmond rolled out in May. The software allows voters to ensure their ballot is counted by giving each person a unique code to track the encrypted version of their vote. Microsoft has posted the source code for ElectionGaurd to GitHub, but it will take time for election officials to adopt. Read more from Sean Lyngaas.


How Twitter bots are trying to sway global opinion in Turkey's favor

A barrage of social media disinformation has accompanied Turkey’s military incursion into Kurdish-held regions of northern Syria in what's the latest example of Twitter bots backing a government at a time of international scrutiny. Thousands of accounts in recent weeks have sent tweets including the hashtag #BabyKillerPKK, according to the Atlantic Council’s Digital Forensic Research Lab. The hashtag is a reference to the Kurdistan’s Worker’s Party (PKK), which the U.S. has designated as a terrorist organization despite the PKK’s ties to the Kurdish People’s Protection Units. (Turkey does not make a distinction between the two groups.) While Turkey’s military has launched airstrikes and backed militias that have killed civilians, bot-like Twitter accounts have sought to sway the world’s opinion in favor of Ankara and Turkish President Recep Tayyip Erdogan. Jeff has more context.


Live from CyberScoop HQ: How cyber war games work today

DC CyberWeek, our annual series of events throughout the Washington region, kicked off this morning with a panel discussion at CyberScoop headquarters that featured Nicole Monteforte, head of cyber readiness and wargaming at Booz Allen Hamilton, and Steve Schmalz, RSA's field CTO. The immediate takeaway? Cyber wargaming has matured as a tool for sizing up risk and preparing for the worst. Booz, like other firms, combines red team exercises with traditional penetration tests, simulated FBI investigations and realistic media Q&A sessions to help firms understand what to do if they're hit with a real cyberattack. Convincing clients to implement the things they've learned is still a challenge, though. "We did a test with a DOD client last March and the recommendations are still bouncing around the room looking for buy-in," Monteforte said. In another case, they tested a top-five financial firm only to be told the security team wasn't allowed to lock down big transactions. (There are three more chances this week to check out the SNG Live series and hear great speakers.) We'll be here all week.


Cozy Bear is still creepin'

One highly watched Russian hacker group just kept on hacking while we watched. We will talk about what some researchers unveiled this week. In our interview, we talk to Ori Eisen, Founder and CEO of Trusona about his quest to move both consumers and enterprises away from two-factor authentication. Listen to the latest Securiosity here.


Massachusetts trains town on ransomware

Communities in Massachusetts will train to become more resilient to cyberattacks through a new program from the MassCyberCenter, a public facility for developing the state’s technology ecosystem and workforce. The program will involve a series of public workshops conducted for municipalities across the state that mostly examine cyber incident response plans, as well as encourage collaboration between municipalities. The first workshop, to be held in 2020, will help communities determine what needs to be included in their incident response plan, said Stephanie Helm, the director of MassCyberCenter. The second workshop, which will take place months after the first to let communities familiarize themselves with their plan, Helm said, will be a check-in to see “how they’re doing” on critical cybersecurity tasks like inventory management, software patch schedules and more. Ryan Johnston has more at StateScoop.


Tweet Of The Day

Image

Unless you work in infosec!


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}