{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

02/27/2020
linkedin facebook twitter instagram
WorkScoop
Dmitri Alperovtich says Chinese hacking infrastructure "vanishes" after the attackers who built it are indicted. Meet Krook, a new vulnerability that affects more IoT devices than anyone would like. And Ryuk makes a return visit to a U.S. school district. This is CyberScoop for Thursday, February 27.

It looks like name-and-shame is working in China

U.S. indictments against individual Chinese soldiers accused of hacking various American targets have deterred those military personnel from conducting the same kinds of hacks in the future, according to the co-founder of a firm known for investigating nation-state activity. Digital infrastructure associated with alleged hackers charged in 2014, 2017 and 2018 essentially evaporated when charges in each case were made public, said Dmitri Alperovitch, who co-founded CrowdStrike, during a keynote speech Wednesday during the RSA security conference in San Francisco. Each of the groups — known as APT 1, APT 3, or Buyosec, and APT 10, respectively — has been associated with Chinese intelligence services or the People’s Liberation Army. “Everything associated with them disappeared,” Alperovitch said during a conversation with reporters after the presentation. Jeff Stone has more details.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


Iranian hackers go phishing in Turkey, Jordan and Iraq

Dell Secureworks uncovered an apparent espionage campaign meant to gather credentials from government organizations throughout the Middle East. Most of the targeting began before the U.S. military killed Qassem Soleimani, the leader of the Iran’s Quds Force, in Baghdad early January. But Alex Tilley, a senior researcher for Secureworks, told CyberScoop the spearphishing activity has increased since the killing. Based on the victims and code similarities, Secureworks assesses the activity to be the work of MuddyWater, an Iranian hacking group that has been known to target Middle Eastern, European, and North American nations. Shannon Vavra covered the news.


A billion reasons to patch

Three years after a researcher found a bug in wireless communications, a new, related vulnerability points to the enduring challenge of securing IoT devices. The new bug, called Krook and found by antivirus firm ESET, is in widely used Wi-Fi chips made by Broadcom and Cypress, and could allow a criminal or spy to decrypt data sent over wireless connections. The vulnerability cannot be used break two popular protocols, HTTPs and TLS, but there are still plenty of opportunities for exploitation. Sean Lyngaas has the story.


It’s Ryuk round 2 for a school district

This academic year has seen at least 24 ransomware attacks against U.S. school districts, and one of those victims now has been infected twice. Gadsden Independent School District in Las Cruces, New Mexico, had to take its systems offline Monday after discovering its second infection with the Ryuk virus this year. The district announced that its internet and communications systems, including phone service, were shut down at all 24 schools in the district, and are not expected to be restored sooner than the end of the week. The previous attack was in August, just as schools were ramping up for the new year. Betsy Foresman has the update at EdScoop.


Workforce coalition expands

The Aspen Cybersecurity Group announced Wednesday that it has rounded up more companies pledging to enhance and grow the cybersecurity workforce. New members in the coalition are FireEye, Intel, Malwarebytes, McAfee, Proofpoint, Rapid7, Raytheon, Recorded Future, Target, Tenable, VMware, Bank of America, U.S. Bank and Casey’s General Stores. The initiative, launched last fall, is focused on pulling in cybersecurity talent beyond those with four-year degrees, changing job descriptions to be less gender-biased, and improving clarity in job descriptions. Shannon had it covered.


Tweet Of The Day

Image

That ... makes so much sense.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}