{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

03/23/2021
linkedin facebook twitter instagram
WorkScoop
Things got worse before they got better on the Microsoft Exchange Server vulnerabilities. Shell says it was affected by the Accellion breach. And NCC Group found active exploitation of F5 flaws. This is CyberScoop for March 23, 2021.

Some cold water on that Exchange good news

There are thousands of Microsoft Exchange servers that were compromised before they were patched, CISA acting director Brandon Wales said Monday while warning organizations not to be lulled into a false sense of security. The comments are a sobering counterpoint to the data released by the White House Monday showing a drop in the number of unpatched servers. Sean Lyngaas reports.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


Shell caught up in Accellion

Oil and gas company Shell is the latest organization to get caught up in the hack that targeted IT provider Accellion’s file-sharing platform, the energy company said. The suspected criminal hackers behind the breach, who have gone after victims around the world using vulnerabilities in Accellion’s file transfer application (FTA), have accessed some personal data as well as data belonging to Shell stakeholders and subsidiaries, the company said. Shell had used the FTA to securely transfer large files. Shannon Vavra has this one.


Bombs away on those F5 bugs

It was only a matter of time before hackers started exploiting vulnerabilities in F5 Networks’ popular enterprise software; The product is too juicy of a target to turn down. Researchers from NCC Group have confirmed active exploitation of one of the critical bugs in the wild, while other analysts saw mass scanning for the vulnerability. Shields up. Sean has more.


Speaking of CISA movements…

Nearly half of the state cybersecurity coordinator positions at the Cybersecurity and Infrastructure Agency have been filled, the agency’s acting director Brandon Wales said. The positions, which were created in last year’s defense authorization bill, are advisers and advocates for federal cyber capabilities to their assigned states. The hires are the latest piece in CISA’s broadening fight against ransomware. StateScoop’s Ben Freed is on the case.


Flaws in school software

McAfee researchers recently found four “critical” vulnerabilities in Netop Vision Pro, a popular brand of classroom management software used to manage online classes in K-12 schools that if left unpatched could allow hackers to steal user credentials, install ransomware on school IT and even take control of students’ and teachers’ webcams. Vision Pro is used by teachers to share the contents of their screens to remote students, as well as to view students’ screens and push URLs and other content to students. The program is used by about 3 million teachers and students globally, spread across more than 9,000 school systems. But the vulnerabilities McAfee found could allow malicious actors to use those capabilities to plant malware or spy on users. Ben explains.


DDoS for IDB — by CCP?

Traffic from China overwhelmed the website of the Inter-American Development Bank in 2019 and knocked it offline at times, according to an Associated Press report on the bank's analysis of the incident. Overall, the DDoS attack stretched on for months, and the bank — "the leading source of development finance for Latin American and the Caribbean," according to its website — even blocked traffic from China, only for the attackers to use IP addresses from other countries. The attack came shortly after a Trump administration push to cancel a bank gathering in Chengdu. Read the full story.


Tweet Of The Day

Image

AHEM.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}