{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
A hacked Twitter account falsely reported U.S. troops were pulling out of Kuwait amid soaring tension with Iran. Details about a forthcoming report that lawmakers hope will help harden U.S. data protection strategies. And the latest on that mysterious ransomware attack that's forced Travelex offline. This is CyberScoop for Wednesday, January 8.

Saudis uncover new variant of suspected Iranian malware

Around the time that U.S.-Iran tension was escalating last month, Saudi cybersecurity authorities found a new variant of data-wiping malware that experts say bears the hallmarks of Iranian hacking activity. The malware, dubbed Dustman, was used in a Dec. 29 attack on an unnamed target by a state-sponsored actor, the Saudi National Cybersecurity Authority said in an advisory obtained by CyberScoop. It’s similar in some ways to a wiper that IBM said suspected Iranian hackers used in attacks on industrial organizations in the Middle East last year. “This is part of the likely retaliatory package that is being considered by Iran,” CrowdStrike’s Adam Meyers told CyberScoop. “They understand the asymmetric power of cyber operations.” Sean Lyngaas has the details.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Hackers use Kuwaiti Twitter to spread fake news

The Kuwaiti government clarified that U.S. military personnel are not pulling out of the country Wednesday after KUNA, the state news agency, reported that a defense minister said Americans planned an “imminent withdrawal” within three days. Actually, KUNA had been hacked, according to Tareq al-Muzraem, head of Kuwait’s government communication office. KUNA deleted the original claim from its Twitter page, and posted a series of updates on its website and to its more than 34,000 followers on Twitter. Reuters, a global news and wire service, was one credible news outlet to publish a brief article based on the false KUNA report. Jeff Stone has more context.

A congressional commission is thinking about how to improve U.S. cyber

The Cyberspace Solarium Commission, a bipartisan group tasked last year with devising a strategy for defending the U.S. against cyberattacks, is mulling ways to incentivize the private sector to use better security practices. The commission’s co-chairs, Sen. Angus King, I-Maine, and Rep. Mike Gallagher, R-Wis., said Tuesday they've been thought about possible reporting requirements around the so-called 1:10:60 rule, by which firms to detect intrusions in one minute, have an analyst evaluate it in 10 minutes, and remediate it within 60 minutes. While the final language is unclear, the report is expected to include a sweeping set of proposals ranging from an overhaul of congressional oversight on cybersecurity issues to an assessment of the Pentagon’s offensive and defensive readiness. Shannon Vavra broke it down.

Travelex's ransomware struggle continues

The British currency exchange said on Dec. 31 it would suspend all of its online services, including its app and internal email systems, to mitigate a cyberattack it detected that day. Two days later, Travelex contacted the Metropolitan police, seeking help to resolve the situation. Normal operations hadn’t been restored, with hackers reportedly demanding a $6 million ransom (£4.6 million) to unlock the affected data. Travelex said on Tuesday attackers used the malware strain known as Sodinokibi, or REvil, in the hack. Jeff has the statement.

Hackers defaced Texas government website with Iranian propaganda

The Texas Department of Agriculture's website was hit Tuesday, its usual contents replaced with an image of Qassem Soleimani, the Iranian general who was killed last week in a U.S. airstrike. Hackers referring to themselves as “Shield Iran” claimed credit. While the department’s site has since been restored, the defacement is similar to other attacks on U.S.-based websites in the days following President Donald Trump’s order to kill Soleimani, who commanded Iran’s Quds Force. Over the weekend, a website belonging to the U.S. Government Publishing Office was used to broadcast a similar message. The website of the Southern Alabama Veterans Council, a nonprofit group, was also targeted on Tuesday. StateScoop's Benjamin Freed has more.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}