{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
Mick Baccio, who just resigned as the chief information security officer for Pete Buttigieg's campaign, speaks. A Google change means you can use iPhones and Androids as a security key. And the Pentagon completed a second "Hack the Army" contest. This is CyberScoop for Thursday, January 16.

Buttigieg’s head cyber honcho is out

The chief information security officer for Democratic presidential candidate Pete Buttigieg’s campaign, Mick Baccio, has resigned. Baccio, who had been with the Buttigieg campaign since last summer, told Shannon Vavra he left because he no longer agreed with the way senior leadership in the campaign was envisioning campaign cybersecurity. There were "fundamental philosophical differences with the campaign management regarding the architecture and scope of the information security program,” he said without revealing anything specific. Baccio’s departure may come as a blow to the campaign’s cybersecurity operations, as it comes just as concerns about foreign interference in the 2020 presidential election mount, and as the Iowa caucuses approach. Shannon Vavra has the details.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

A key Google security tool is available on iPhones

Google users can now use an iPhone or Android device as a security key to sign into their accounts, utilizing a technique that improves their defense against phishing attacks, the company announced Wednesday. In a blog post, a product manager for Google’s Advanced Protection Program wrote that people who exclusively use security keys when logging in to their accounts “never fell victim to targeted phishing attacks.” Yet security keys, which are more secure than text-based authentication, typically are available in the form of a standalone physical device, an inconvenience that may discourage adoption. Google’s update Wednesday is a significant step toward solving that problem. Instead of plugging a key into a USB slot, users just need to have their phones close to their machines. Jeff Stone has more context.

Vulnerability lingo doesn’t account for hardware, Intel says

Sharing a common language to describe flaws in technology is critical to the cybersecurity industry. It allows the severity of vulnerabilities to be understood, tracked, and addressed. But that language is overwhelmingly focused on software and sorely lacking in details on hardware, researchers at chipmaking giant Intel say. In an op-ed this week, the researchers argued that there are “hardware-centric weakness” involving the physical properties of hardware devices — things like temperature and voltage — that the current system ignores. That matters because white-hat hackers are increasingly uncovering issues in those physical properties that the bad guys might exploit. Sean Lyngaas takes a look.

Pentagon, HackerOne announce the Hack the Army 2.0 results

During just over a month of competition at the end of 2019, 52 hackers found 146 valid security vulnerabilities and were awarded a total of $275,000 for their work. The hackers, who hailed from the U.S., Canada, Romania, Portugal, the Netherlands and Germany, were asked to survey more than 60 publicly accessible web assets, like the Arlington National Cemetery website, the army.mil domain and more. After the close of the competition, on Nov. 20, 2019, the DOD hosted an awards ceremony in Augusta, Georgia, where it recognized the top three participants. The hackers also had the opportunity to meet and talk with DOD cybersecurity professionals. During the first program, held in 2016, 371 “white hat” hackers found 118 valid vulnerabilities and were awarded a total of around $100,000 for their discoveries. Tajha Chappellet-Lanier has the story.

Senators want protection for mom and pop shops

Resource-strapped small businesses are going to need some help in implementing security practices recommended by DHS to guard against the Iranian hacking threat, a bipartisan pair of senators said Wednesday. Sens. Marco Rubio and Ben Cardin have urged the new head of the Small Business Administration to take “immediate action” by giving security advice and making resources available to small companies to shore up their networks. “As you know, limited resources and technical expertise leaves many small businesses vulnerable to cyberattacks,” the lawmakers wrote. Sean has the letter.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}