{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
A mysterious hacking group known for doxxing Chinese APTs made a surprise return today. Amazon's Ring responds to senators who wondered why the security service introduces so many vulnerabilities. And what's up, Las Vegas? This is CyberScoop for Thursday, January 9.

Intrusion Truth is back

The anonymous group known in the cybersecurity world for publishing detailed blog posts about suspected nation-state hackers released new information Thursday alleging that Chinese technology companies are providing the infrastructure for attackers working on Beijing’s behalf. By identifying job postings seeking offensive cybersecurity skills, Intrusion Truth found a number of companies in Hainan, a province in South China, all using the same language in their advertisements. Some of those companies have only a small web presence outside the job ads seeking offensive-minded computer specialists, suggesting that employers actually are trying to recruit hackers for advanced persistent threat groups. Jeff Stone has the story.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Lazarus Group is keeping up with the times

For years, North Korean hackers have tried different tactics to run cyber-enabled financial heists, most recently using front companies to compromise cryptocurrency-related businesses. And even though some of those fake companies don't pass the smell test (sometimes the links don't even work) Lazarus Group hackers have been more careful with their hacking tools. By tweaking malware, delivery mechanisms, and payloads, the Pyongyang-linked attackers are trying to decrease their chances of getting caught, according to new Kaspersky Lab research. Recent payloads, for instance, are meant to infect only certain victims, apparent proof hackers are getting more selective with their victims. Shannon Vavra explains the threat.

TrickBot gets trickier

Hackers behind the TrickBot banking trojan expanded its capabilities with a new backdoor meant to compromise high-value targets and evade detection, according to new research from SentinelOne’s threat intelligence arm, SentinelLabs. The new backdoor, which SentinelLabs calls “PowerTrick,” is likely launched through Windows management system PowerShell, and can pivot and move laterally to other systems. The update can enable cybercriminals to infect systems, and then surreptitiously escalate their attack to pilfer off confidential banking information, or launch ransomware attacks, according to SentinelLabs. Shannon has the latest.

Amid Senate scrutiny, Ring responds

Ring has answered questions about its data protection policies following a string of security incidents in which hackers breached the company’s cameras to view customers' footage. In a letter to five Senate Democrats this week, Ring said it was promoting two-factor authentication with users and scouring the web for credentials sucked up in third-party breaches. For at least one lawmaker, however, the company needs to do more. “There are millions of consumers who already have a Ring camera in their homes who remain needlessly vulnerable to hackers,” Sen. Ron Wyden, D-Ore., said in a statement. Sean Lyngaas has more details.

Scant details about that Vegas incident

Las Vegas officials said that the city experienced a network security incident that may result in “brief interruptions of service” to its residents and visitors, though there are few details about the event. A post from the city’s official Twitter account referred to the incident as a “cyber compromise” that was initially detected about 4:30 a.m. on Tuesday, and quickly addressed by the city’s Department of Information Technologies. A spokesman said the incident was likely set off by a malicious email, and that like many other large local-government organizations, Las Vegas is on the receiving end of hundreds of thousands of breach attempts every month. Benjamin Freed is watching the case at StateScoop.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}