{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
The SolarWinds attackers were clearly smart, and we're finding out more about it. The Biden administration fields questions about the breach almost immediately. And the new DNI officially gets underway. This is CyberScoop for Thursday, Jan. 21, 2020.

The remarkable opsec of the SolarWinds hackers

The spies who carried out the SolarWinds breaches were bound to cover their tracks. But they went above and beyond. New details from Microsoft’s investigation show the lengths the attackers went to protect the crown jewel of the operation from getting burned. There’s surely more to learn from the campaign, but this is a big piece of the puzzle. Sean Lyngaas has more.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Biden’s first SolarWinds question

At the first White House press briefing of the Biden administration Wednesday evening, Press Secretary Jen Psaki’s second question was on the SolarWinds breach. Psaki indicated the U.S. government may be interested in responding to the suspected Russian espionage operation, which has impacted federal agencies and the private sector. “We’ve spoken about this previously...of course we reserve the right to respond at a time and manner of our choosing to any cyberattack,” Psaki told reporters. How the Biden administration reacts — or retaliates — to the campaign will be an early test of the Biden administration’s cybersecurity chops. Our latest SolarWinds coverage.

Avril Haines confirmed

Avril Haines, the nominee for director of national intelligence, was confirmed Wednesday evening in the Senate. Haines, who is the first official Cabinet member of the Biden administration, told lawmakers during her confirmation hearing that she would provide Congress a threat assessment on QAnon as well as an unclassified intelligence report on who was responsible for the murder of journalist Jamal Khashoggi. Her testimony also touched on SolarWinds. More on Haines’ thoughts on SolarWinds and cybersecurity.

$5.1 million penalty in health insurer's data breach

New York health insurer Excellus has agreed to pay a $5.1 million penalty to the federal government in connection with a data breach that affected more than 9 million people between late 2013 and May 2015. The fine is for violations of privacy and security rules under the Health Insurance Portability and Accountability Act, according to the Department of Health and Human Services' Office for Civil Rights. The incident happened during an era known for high-profile data breaches — Target, Sony, Home Depot and so on — but the announcement of the fine comes as the feds are continuing to track multiple cyberthreats against health care organizations. Joe Warminsky has the story.


Social engineering gains momentum with cyber criminals

Cyber attackers are exploiting the COVID-19 crisis and pose a major security threat for health care organizations. According to Proofpoint’s Ryan Witt, there is an uptick in social engineering techniques as threat actors look for more compelling lures to target people. Leaders need to be more focused on security strategies which provide visibility into who is being targeted in their organization. Read more from Witt.

A big 'oops' from a phishing campaign

A phishing campaign that targeted multiple industrial sectors in 2020 apparently was messier than the average cybercrime operation, according to cybersecurity company Check Point. The attackers made a “simple mistake in their attack chain,” the researchers said, by not securing the pilfered information properly once it was uploaded to websites for temporary storage. In short, not only did people have their email credentials stolen, but they were also posted in a way that Google's search engine could publicly index them. The slip-up could've undermined the attackers' plans in several ways. Joe explains.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}