{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

05/03/2022
linkedin facebook twitter instagram
WorkScoop
A harassment campaign highlights problems with emergency disclosure requests. The SolarWinds hackers have some new tricks. And a Defense Department bug bounty program expands. This is CyberScoop for May 3.

Twitter may have given a ransomware attacker emergency data

A man living in Russia and accused by the U.S. government of being involved with the notorious REvil ransomware crew may have been involved in a recent phony emergency disclosure request sent to Twitter. That data was then used to force a ransomware researcher offline as part of a broader campaign of harassment on the part of the man, or someone posing as him. The episode is just the latest example of the tech industry's ongoing problem with fake emergency data requests being used toward illicit ends. AJ Vicens has the whole strange tale.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


SolarWinds hackers are at it again

Nobelium, the group behind the infamous SolarWinds attack, is using a buffet of phony domains to emulate real brands and lure targets into traps. Recorded Future researchers identified more than four dozen domains the group used in phishing attacks. The tactic, in which hackers register misspelled versions of real brand domains to trick targets, is known as “typosquatting.” Recorded Future researchers couldn’t identify targets of the campaign, but Russian hackers have used similar techniques to go after targets in Ukraine and diplomatic entities. Tonya Riley had it first.


DOD expands vulnerability disclosure program to contracting base in pilot

DOD’s Cyber Crime Center, in partnership with HackerOne, just concluded a yearlong Defense Industrial Base-Vulnerability Disclosure Program Pilot in which it invited members of the defense industrial base to accept vulnerability disclosures on the public-facing systems. The Defense Counterintelligence and Security Agency also assisted in the pilot. In total, 41 small- and medium-sized defense contractors participated in the pilot, and researchers submitted 1,015 reports, of which 401 were validated by system owners for remediation. Read more from Billy Mitchell at FedScoop.


WATCH: Interviews from Zero Trust Summit 2022

During last month’s Zero Trust Summit, cybersecurity decision-makers from the public and private sectors joined CyberScoop to discuss the adoption of zero trust across government, supply chain security and cloud security. Tune in for exclusive interviews with:

Find everything from the event here.


Tweet Of The Day

Image

Suspiciously specific.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}