{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

11/18/2022
linkedin facebook twitter instagram
WorkScoop
The Pentagon won a bureaucratic battle with the State Department. Infosec Twitter is on shaky ground. And Senate Dems are wondering if Twitter violated consumer protection laws. This is CyberScoop for Nov. 18.

Biden set to approve DOD cyber authorities

The Defense Department has largely won out in a long-running bureaucratic battle with the State Department over retaining its broad powers to launch cyber operations, according to two sources familiar with the matter. While the exact details of which authorities the Pentagon retains to carry out cyber operations are classified, sources familiar with the matter said it succeeded in holding onto key parts of broad authorities the Trump administration granted DOD in 2018. The State Department won some concessions as part of the revised policy document, according to a senior administration official speaking on condition of anonymity to describe the framework. The official added that the final version of the policy memorandum will include provisions requiring the White House to receive details of cyber operation plans from DOD well in advance of operations. Suzanne Smalley reports.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


Will #infosecTwitter survive Elon Musk?

For years infosec Twitter has been a robust community, with all the ups and downs, quality and dreck, you’d find in any online space. Many have moved over to Mastadon, which offers a Twitter-like experience with notable differences by design. “That’s where infosec is now,” Patrick Gray, the host of the Risky Business podcast, said on his show Wednesday. “It’s absolutely insane how quickly it happened.” But some worry that the fracturing of infosec Twitter could have profound impacts on not only the community, but the vital exchange about the latest vulnerabilities, researchers’ techniques and tactics and the newest hacks that have collectively helped make the internet more secure — and the people on the frontlines of cybersecurity more informed. AJ Vicens has it.


White House to reign in spyware

The Biden administration plans to issue an executive order restricting how federal agencies can use spyware that poses security risks to the U.S., according to a letter sent to House Intelligence Committee leaders. According to the letter from the Departments of State and Commerce shared with CyberScoop by Rep. Jim Himes, D-Conn., the forthcoming order plans to “prohibit U.S. Government operational use of commercial spyware that poses counterintelligence or security risks to the United States or risks of being used improperly.” The letter does not define what would amount to improper use or what these security risks entail — potentially leaving opportunities for the U.S. government to still deploy spyware. Tonya Riley has more.


Lawmakers want FTC to investigate Twitter's security

A group of Senate Democrats including Sens. Richard Blumenthal, D-Conn., and Elizabeth Warren, D-Mass., are calling on Federal Trade Commission to investigate potential security issues at Twitter since Elon Musk purchased and took over the company late last month. In a letter to the FTC sent Thursday, lawmakers expressed concerns that the company may be in violation of consumer protection laws as well as in breach of a 2011 agreement the company reached with the agency over repeated security failures. Lawmakers’ top concerns related to how Musk rolled out Twitter’s verification services to all paying users, a move that experts warned could further exacerbate the platform’s issues with disinformation and financial scams. Fraudsters immediately used the service, Twitter Blue, to create accounts to impersonate corporations and individuals and spread fake news. Washington Post reporters were even able to create a verified account impersonating Sen. Edward Markey, D-Mass., one of the letter’s signatories. Tonya Riley writes.


ID.me misled IRS on processing times

The House Oversight Committee released its investigation into identity verification company ID.me on Thursday, concluding that the company “inaccurately overstated its capacity to conduct identity verification services to the Internal Revenue Service.” Among the report’s findings include that ID.me mislead the IRS in an April 2021 meeting over its wait times to authenticate taxpayers, stating that they were only “about 2 hours as of today.” In fact, ID.me data from that month shared with investigators showed that average wait times were more than four hours for 14 of the 21 state unemployment services using ID.me. Tonya Riley also reports.


Agency idling on offshore energy cybersecurity

The federal enforcement office that oversees more than 1,600 offshore oil and gas facilities has done little to address growing cybersecurity risks, according to a watchdog report released on Thursday. The Government Accountability Office said that the Department of Interior’s Bureau of Safety and Environmental Enforcement has taken “few actions” to address cybersecurity risks since the agency first planned to address the issue in 2015. The GAO noted that a worst-case scenario can be potentially fatal. “According to BSEE incident investigation documentation, these can include deaths and injuries, damaged or destroyed equipment, and pollution to the marine environment. However, in a worst-case OT failure scenario, all these impacts can occur simultaneously at a catastrophic scale," the GAO wrote. Christian Vasquez has more.


Tweet Of The Day

Image

Shout from the rooftop: bring back blogs!


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}