{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

10/31/2019
linkedin facebook twitter instagram
WorkScoop
FireEye uncovers an apparent Chinese espionage effort that sounds a lot like one of the NSA programs exposed by Edward Snowden. A Putin associate focuses on Africa. And cyber discounts continue for political campaigns. This is CyberScoop for Thursday, October 31.

How China is spying on individual phones

Chinese hackers are monitoring mobile text messages of specific users, and for certain keywords as part of a new surveillance campaign meant to track individuals, according to new FireEye findings. APT41, which carries out state-sponsored cyber-espionage on Beijing’s behalf, this summer compromised an unnamed telecom to monitor people interest to the Chinese government, scanning for military or intelligence keywords, and tracking how subjects are reacting to protests, such as those in Hong Kong. During the same intrusions, APT41 also sought individuals’ call records, which provide metadata such as the time the calls were made, the phone numbers involved, and the length of the conversations. Shannon Vavra has more context.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


Breaking down recruitment barriers

Fifteen major companies including the likes of Apple, Google and IBM announced Wednesday they together will change their cybersecurity job descriptions and requirements to attract more talent. The firms, all of which as part of the Aspen Cybersecurity Group, are focused on nixing the requirements that all candidates have four-year bachelor’s degrees, as well as gender-biased job descriptions. They're turning their attention toward internal career development and training. The plan is to cut words like "dominate," "outspoken" and "ninja," which may be too masculine and unnecessarily keep some applicants from applying. Shannon has the inside perspective.


Indicted in the U.S., Putin's buddy spreads disinformation in Africa

A Russian financier with ties to Vladimir Putin was behind three networks of Facebook accounts that worked to interfere in the domestic politics of eight countries in Africa, the social media company said. Facebook took down a total of 66 accounts, 83 pages, 11 groups and 12 Instagram pages for their part in information campaigns meant to manipulate legitimate users, the company said Wednesday. The operations focused on issues like elections in Madagascar, Russian involvement in Africa, Sudanese-Russian relations and U.S. foreign policy, Facebook said. The company traced all of the activity to Yevgeniy Prizgohin, a businessman previously indicted by former U.S. Special Counsel Robert Mueller in connection with the Russian Internet Research Agency. The IRA is the so-called Russian troll farm that sought to manipulate U.S. social media users before and after the 2016 presidential election. Jeff Stone has more details.


Campaign cyber discounts continue

A nonprofit that got approval from the Federal Election Commission to provide politicians with cybersecurity services earlier this year announced Thursday it will offer anti-phishing, email security, encrypted messaging, and other security training to campaigns. The nonprofit, Defending Digital Campaigns (DDC), founded by Robby Mook and Matt Rhoades, the former campaign managers for Hillary Clinton’s 2016 and Mitt Romney’s 2012 runs, will also make these services available at low or no cost to political party committees. The list of participating vendors includes Agari, Area 1 Security, Cybrary, Elevate Security, GRA Quantum, Lookout, and Wickr.  “Our goal is to make it easier and expeditious for campaigns to implement better cybersecurity practices,” said DDC president Michael Kaiser. Read Shannon’s coverage.


The final chapter in Uber's hack story

Two men pleaded guilty on Wednesday to charges related to hacking Uber and LinkedIn subsidiary Lynda.com in 2016, then trying to blackmail both companies into paying them to keep quiet about the incidents. Brandon Glover, a 26-year-old Florida man, and Vasile Mereacre, a 23-year-old Canadian, acknowledged their role iin a scheme to access personal information belonging to tens of millions of customers. The men said they were able to obtain customers’ information from Uber and Lynda by accessing Amazon Web Services accounts from both companies’ employees, then downloading troves of data. Then, they anonymously contacted security teams from both companies, promising to remain silent in exchange for hundreds of thousands of dollars. Jeff has the court documents.


MITRE ATT&CK Framework goes industrial

The MITRE ATT&CK Framework has become a go-to document for analysts to track hacking tactics unique to any given adversary. An update to the framework scheduled for December will include custom methods used to target industrial control systems (ICS). It’s a recognition of the growing number of hacking groups that target ICS, and of the need to speak a common language in analyzing those attacks. The update has been a couple years in the making and was inspired, at least in part, by the cyberattacks that resulted in blackouts in Ukraine in 2015 and 2016. Sean Lyngaas has the report.


NSA warns of vulnerable web app

Nation-state hackers are exploiting a vulnerability in Atlassian Confluence, a collaboration web application, to deliver ransomware and to control of exploited systems, the National Security Agency warned Wednesday. “Specifically, there is a server-side template injection vulnerability in the Widget Connector, a macro used by Confluence,” states the NSA advisory. “Adversaries can exploit this vulnerability in the affected application, without credentials, to gain remote code execution on the system running Confluence.” Confluence warned about the exploitation, which previously was linked with GandCrab ransomware deployments, back in April. Read the NSA's new recommendations here.


Tweet Of The Day

Image

SparkNotes...still the best.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}