{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

08/23/2021
linkedin facebook twitter instagram
WorkScoop
Ransomware is pushing cyber insurance to the brink. There are more Microsoft Exchange Server vulnerabilities to worry about. And a botnet gets more elaborate. This is CyberScoop for Aug. 23, 2021.

State of cyber insurance: 'This is our crisis moment'

Ransomware has driven the cyber insurance market to a "breaking point" and "crisis moment," say industry insiders and analysts. Premiums are skyrocketing, but not as quickly as claims — a situation that threatens the market's profitability. That would be bad for business, but also bad for current and prospective cyber insurance policyholders who could receive less coverage, even higher prices or outright rejection. The industry's in the middle of trying to adjust, but more might be needed. Tim Starks dives deeper.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


Patch those servers

Hackers are going after a dangerous trio of vulnerabilities in Microsoft Exchange's ProxyShell, cybersecurity researchers and CISA flagged over the weekend. CISA is recommending that all customers update their systems using patches issued by Microsoft in May. More than 100 firms have already been compromised and that number is growing. The vulnerabilities could prove to be even more dangerous than the one Chinese hackers used in March to target thousands of companies in the private and public sector. Tonya Riley reports.


Don’t sleep on botnets

Remember TrickBot? U.S. military hackers, and some of the biggest tech companies, tried to knock the botnet on its heels, to limited effect. New research on a different botnet is a reminder of how entrenched these zombie computer armies are. Mozi, a botnet known for DDoS attacks, now has features designed to evade detection on popular networking equipment made by the likes of Huawei, Microsoft researchers said. Sean Lyngaas has the low-down.


CISA signs cooperation deal with Singapore cyber agency

The U.S. and Singaporean governments’ cyber agencies on Monday said they had signed an agreement to share threat data, conduct research and development and do joint cyber drills. Singapore is a tech hub that punches far above its weight in terms of cyber know-how. CISA Director Jen Easterly said international agreements like this would be key to the Biden administration’s approach to cybersecurity. Here’s the announcement.


More bad Microsoft-related news

The exposure of a COVID-19 contact-tracing database in Indiana that sparked a row between state officials and a cybersecurity company was part of a broader issue connected to a Microsoft app-development tool that left tens of millions of records containing personal information from a range of large government and corporate entities visible on the internet. According to research published Monday by UpGuard, which discovered the leaks, organizations that used Power Apps, a low-code development platform for creating business-intelligence tools, were susceptible to a default configuration that made their data sets findable by search engines or anyone with knowledge of the web address. In total, UpGuard notified 47 organizations and counted 38 million records — containing names, dates of birth, addresses and, in some cases, Social Security numbers — that were exposed. StateScoop's Benjamin Freed has the story.


DHS searching for vendors to help host President’s Cup cyber competition

DHS is looking for contractors capable of supporting the annual President’s Cup Cybersecurity Competition. CISA issued a request for information last week “to solicit information from industry that can provide President’s Cup Cybersecurity Competition (PCCC) support services.” Launched in 2019, the President’s Cup is a national event to “identify, challenge, and reward the best cybersecurity talent in the federal workforce” based on elements of the National Initiative for Cybersecurity Education Framework, according to CISA. The competition was created by a 2019 executive order on the federal cyber workforce, and the third iteration will run sometime this fall. Billy Mitchell covered the news at FedScoop.


Tweet Of The Day

Image

Only one way to get off the ransom roundabout.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}