{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

04/30/2021
linkedin facebook twitter instagram
WorkScoop
Flaws in email technology paved the way for a ransomware spree. A police chief confirms an attack in D.C. And the NSA is tightening the screws after all that Russian hacking. This is CyberScoop for April 30, 2021.

Zero day in SonicWall products enabled ransomware spread

A hacking group exploited a SonicWall zero-day software flaw before a fix was available in order to deploy a previously unreported ransomware strain, FireEye researchers said. The disclosure of the ransomware comes one week after FireEye revealed three previously unknown vulnerabilities in SonicWall’s email security software. But the latest hacking tool emerges from an earlier zero-day found in SonicWall’s mobile networking gear. Mandiant, FireEye’s incident response unit, dubbed the malware FiveHands, which bears similarities to another hacking tool, dubbed HelloKitty, that attackers deployed against a video game company. The security firm linked it to a group they call UNC2447. Tim Starks has the story.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


D.C. cops explain ransomware incident

The head of Washington, D.C.’s Metropolitan Police Department said Thursday that personnel files were among the data stolen in a ransomware attack that was reported earlier this week. In a department-wide memo, Acting Chief Robert Contee wrote that the more than 250 gigabytes of MPD files stolen by affiliates of the Babuk ransomware gang included documents about individual officers. MPD files appeared on a leak site associated with the Babuk ransomware, which first appeared in January but until this week, had targeted mostly businesses — including the NBA’s Houston Rockets — and nonprofit organizations rather than government entities. The Babuk post threatened that the trove of D.C. police documents also included arrest reports, intelligence documents and internal memos. Ben Freed has the story at StateScoop.


NSA memo warns of Russian hacking

The NSA warned defense contractors in a memo on Thursday to reexamine the security of the connections between their operational technology and information technology in light of recent alleged Russian hacking. The alert, which references the sweeping SolarWinds espionage operation that U.S. officials have blamed on the Russian government, is meant to convince technology operators in the defense industrial base to limit the scope and scale of any potential attack surface for U.S. adversaries to exploit. As a result of the SolarWinds breach, Russian hackers hit U.S. federal agencies and private sector entities, including some OT and U.S. critical infrastructure. Shannon Vavra has the story.


Chinese military hackers on the hunt

Chinese hackers with suspected ties to the People’s Liberation Army have been hacking into military and government organizations in Southeast Asia over the course of the last two years, according to Bitdefender research. The hackers, known as the Naikon group, have been conducting espionage against the organizations and stealing data from the victims since at least June of 2019. It’s just the latest evidence security researchers have gathered in the last several years that Naikon is still actively conducting espionage six years after security researchers first uncovered the group’s campaigns. Shannon has the latest.


Medical software bugs risk IoT crash

Microsoft researchers on Thursday disclosed some two dozen bugs in software used by countless medical and industrial devices. The flaws, if exploited, could caused the devices to crash. The researchers aren’t aware of any exploits yet in the wild yet, but you know how that goes. Sean Lyngaas has more.


Tweet Of The Day

Image

Click through for some time well wasted.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}