{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

04/14/2021
linkedin facebook twitter instagram
WorkScoop
The intelligence community gets more direct with SolarWinds hack attribution. The electric sector accounts for its exposure. And the FBI takes on Microsoft Exchange Server exploitation. This is CyberScoop for April 14, 2021.

IC annual threat assessment drops

The intelligence community made its most direct public attribution yet that Russia was behind the SolarWinds espionage operation in its Annual Threat Assessment, which ODNI released Tuesday in advance of Wednesday morning's Senate worldwide threats hearing. The publication of the threat assessment coincides with President Joe Biden’s call with Russian President Vladimir Putin Tuesday, during which Biden “made clear that the United States will act firmly in defense of its national interests in response to Russia’s actions, such as cyber intrusions and election interference.” The intelligence community’s threat assessment also detailed Chinese, Iranian and North Korean threats. Shannon Vavra breaks it down.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


SolarWinds backdoors littered the electric sector

While the so-called SolarWinds espionage campaign has primarily targeted the U.S. government, the malicious code used by the attackers has popped up in multiple sectors. On Tuesday, we learned more about just how exposed electric utilities in North America were: The grid regulator NERC said hundreds of them had downloaded the malicious code. No follow-on hacking appears to have ensued, but it’s a cautionary tale in supply chain security. Sean Lyngaas has the story.


The FBI takes a big swing at Exchange Server web shells

The FBI said Tuesday that it had taken dramatic action to disrupt exploitation of Microsoft software, using a court order to clean up hundreds of malicious artifacts on U.S. computers. It’s the most aggressive federal action yet to combat the Exchange Server exploitation since Microsoft revealed March 2 that suspected Chinese spies were using the bugs to burrow into email inboxes. Sean breaks it down.


Watch out for cryptojacking

Hackers are hitting vulnerable Microsoft Exchange Servers with a Monero cryptominer, according to Sophos research published Tuesday. The attackers, whom Sophos did not identify, began their apparently financially-motivated campaign shortly after Microsoft announced four zero-day vulnerabilities last month, according to Sophos. The attackers have lost several of the servers they used to steal Monero from victims, an indication that those with vulnerable machines are applying patches and hunting for compromises. But over the past month, the hackers have looked for new vulnerable servers to exploit as well. Shannon dives in.


More Exchange Server drama

The National Security Agency revealed Tuesday that it had alerted Microsoft to multiple critical vulnerabilities in Exchange Server, capping a dramatic few weeks for bugs in the popular email program. Patches are available, and Microsoft said it hasn’t seen its clients hacked, but expect exploits to be available soon. As one of the world most powerful spy agencies, the NSA routinely has to decide whether to disclose software bugs or keep them for intelligence-gathering overseas. Sean has the details.


Tweet Of The Day

Image

It's a little like a job application.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}