{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

11/25/2019
linkedin facebook twitter instagram
WorkScoop
Richard Spencer, the Navy secretary who ordered a cyber review, is out. Iranian hackers are expanding their mission. And two phone breaches have some strange similarities. This is CyberScoop for Monday, November 25.

Navy's cyber-minded secretary is out

U.S. Navy chief Richard Spencer  submitted his resignation to Defense Secretary Mark Esper over his handling of a case of an accused war criminal. Spencer's Navy had sought to discipline Edward Gallagher, a SEAL accused of fatally stabbing wounded ISIS captives, then threatening other U.S. military personnel. After President Trump intervened on Gallagher's behalf, Spencer resigned. As Navy secretary, Spencer tried to chart a new course on cybersecurity for a service that has struggled for years to protect its systems from hackers. In October 2018, Spencer commissioned a wide-ranging review of the Navy’s cybersecurity posture, winning praise from lawmakers for his commitment to tackling the issue. More on that here.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


Details emerge about two breaches at two phone companies

A OnePlus representative said the security team determined “an unauthorized party” accessed data “within certain orders.” OnePlus did not disclose the number of customers affected, when the incident occurred, nor how the outsiders infiltrated its systems. Payment data, passwords and accounts are unaffected by the breach, the company said. Word of the OnePlus breach came one day after T-Mobile announced its own security incident, which reportedly affected 1 million people. T-Mobile said information associated with customers’ prepaid service accounts was affected, including phone numbers, account numbers, rate plan and rate features. Payment data and password information were unaffected in that breach, too. Jeff Stone has more context.


Iran's new ICS interests

Hackers linked with the Iranian government have in the last two months shifted their attention from traditional IT products to industrial control system gear, according to Microsoft. The shift fits a broader trend in state-linked activity in which attackers have been increasingly willing to probe industrial software to achieve their objectives. The hacking group — known as APT33 — is “noisy” in that it sends out huge volumes of password-cracking attempts. But don’t mistake that conspicuousness with a lack of sophistication, warns Microsoft’s Ned Moran. “You have an actor that’s really interested in the energy industry,” which includes important infrastructure such as pipelines and refineries, he said, laying out his concerns. Sean Lyngaas has the news.


Curious about the CISA leadership change?

A top DHS cyber official is leaving the department. We will break down what it means for 2020. In our interview, we talk to Rupert Cook from Immersive Labs about why his company believes it’s got a winning model in gamifying cybersecurity training. Listen to the latest Securiosity podcast here.


Ransomware strikes New Jersey school district

Schools in Livingston, New Jersey, started two hours late this morning thanks to a ransomware attack that slowed the district's servers. Superintendent Matthew Block wouldn't say how much attackers demanded, or if district officials would pay. But it looks like student data will be inaccessible until security responders can fix the situation. It's at least the fourth time a district in the tai-state area have been hit with ransomware within the past few months. Local news outlets are all over it.


Google offers up more than one million big ones

Google said last week it will offer $1 million to bug bounty researchers who prove they can take remote control of Pixel 3 and 4 phones with persistent access, matching a similar Apple bounty for its own devices. It's also offering $1.5 million to anyone who finds Android operating system vulnerabilities that leverage the new Titan M security chip. To carry out the attack, participants will need to infiltrate Google's Titan M Secure Element, a chip meant to safeguard company devices. The offer triggered a chain reaction on Twitter, where skeptics and advocates debated the merits of the plan. Google's blog is here.


Senate quietly advances cyber bill

Last week, the U.S. Senate unanimously passed a bill creating new grants and other programs designed to help states and localities with their cybersecurity efforts, potentially advancing efforts to make more federal resources available for lower rungs of government that have been struggling to fend off a seemingly open-ended series of ransomware attacks and other threats. The State and Local Government Cybersecurity Act, introduced by Sens. Gary Peters, D-Mich., and Rob Portman, R-Ohio, allows the National Cybersecurity and Communications Integration Center — the federal government’s hub for sharing information about cyberthreats to the nation’s critical infrastructure — to provide more tools to lower levels of government, authorize the sharing of more classified information with chief information officers and other top state and local officials, and create more training programs for IT workers. Benjamin Freed has more at StateScoop.


Tweet Of The Day

Image

Ms. Frizzle would have built a better CyberTruck. Just saying.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}