{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

12/09/2020
linkedin facebook twitter instagram
WorkScoop
A cybersecurity heavyweight takes a big punch. Norway's parliament attributes a hack to a nation-state. And Chris Krebs files a lawsuit. This is CyberScoop for Wednesday, December 9, 2020.

An APT breaches FireEye

A suspected state-sponsored hacking group has broken into top cybersecurity firm FireEye and stolen the “red team” tools the firm uses to test clients’ defenses. FireEye has powerful clients around the world, and those tools could offer a kind of roadmap for breaching other organizations. FireEye CEO Kevin Mandia did not name a culprit in announcing the breach Tuesday. The FBI took the rare step of confirming an ongoing investigation into the matter. The feds say the attack has all the hallmarks of activity by an advanced persistent threat (APT) group. Sean Lyngaas reports.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


Norway to intruders: Oh you Fancy, huh?

Speaking of major state-sponsored hacking operations, Norwegian security officials on Tuesday implicated Fancy Bear — the notorious GRU-linked hacking group that meddled in the 2016 U.S. election — in an August cyberattack on Norwegian parliament. But Fancy Bear’s tactic, in this case, wasn’t too fancy. The attackers used password brute-forcing, a reminder that an APT doesn't always have to use "advanced" techniques. Sean has more.


Krebs takes the Trump campaign to court

Ex-CISA chief Chris Krebs has filed a defamation lawsuit in a Maryland court against the Trump campaign, one of its lawyers, and conservative media outlet Newsmax, after a violent threat against Krebs from the lawyer. The lawsuit cites numerous death threats Krebs has received via text and email since. It’s part of a pattern of dangerous hostility against Republican and Democratic election officials in multiple states. President Trump fired Krebs on Nov. 17 for saying the election was secure. Sean has this one, too.


German court buckles down on email surveillance

A regional court in Germany has ordered email provider Tutanota to monitor an account under suspicion in a blackmail case. Tutanota said it plans to appeal the ruling, as it appears to contradict other decisions from other courts in the EU and Germany. The ruling comes amid a broader, protracted campaign from governments around the world to weaken encryption for law enforcement purposes. Security and encryption experts say the case could set a dangerous precedent for privacy and security. Shannon Vavra has more context.


Patient data at stake in new GE bug

Researchers from CyberMDX have discovered a software vulnerability affecting more than 100 models of GE medical imaging devices like X-ray and MRI machines that could allow an attacker to steal sensitive patient data. The maintenance software for the GE medical devices used publicly-exposed login credentials, which could allow attackers to execute code on the devices. There’s no evidence that the bug has been exploited, and doing so successfully would require access to a hospital’s computer network. More on the research.


SPONSORED BY FORTINET

‘Immense’ synergies to be gained between TIC 3.0 and CDM

TIC 3.0 and CDM — both developed by DHS’s CISA — are meant to work hand-in-hand in giving agencies visibility into their IT networks and securing them. In a recent panel discussion, government IT leaders from the CDM program and Small Business Administration joined Fortinet’s Jim Richberg to discuss how these natural synergies that allow agencies to securely connect externally to cloud services. Read highlights from the discussion.


Tweet Of The Day

Image

OK, now do Mimikatz.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}